Wordfence reports increase in TrafficTrade malware infection caused by theme

WordPress security experts, Wordfence, are reporting a “significant increase in the number of WordPress websites hit by an infection [they’re] calling TrafficTrade.”

Wordfence says there seems to be two routes to infection. A small number caused by a redundant searchreplacedb2.php script (which they reported as an issue a few weeks back). The bulk of infections though, are being caused by a vulnerability in the Newspaper theme – this is a premium theme.

You can find full details on the Wordfence blog.

Your site should be safe if you’re running the up to date Wordfence plugin or if you’re not using the Newspaper theme (or have copies of the errant ‘searchreplace’ script in your WordPress install)