Cybersecurity researchers at Sucuri, a company that offers digital protection services for websites, have identified a targeted campaign that injects malicious JavaScript code into vulnerable WordPress sites.

According to the Sucuri report, JavaScript injection occurs in various files automatically loaded by browsers when accessing WordPress sites starts, and aims to generate illegitimate traffic to sites that may have been altered to display ads, try to apply phishing scams victims or even infect computers with malware.

In one of the examples cited by the Sucuri researchers, the malicious code led the browser to a page with a CAPTCHA authentication that, after being filled in, loaded several pop-up ads disguised as possible operating system warnings.

The campaign, which began on Monday (9), has already affected 322 WordPress sites — a small number compared to a previous attack on the service, detected in April, which killed more than 6,000 pages.

To protect against this threat, Sucuri researchers recommend that WordPress site administrators update all page resources to the latest versions, be they themes, plugins or any other related application type.

Welcome to WordPress Premium store:, a trustworthy selling site that is professional with more than 10 years of experience. You can get cheap and safe WordPress Premium at We commit to improving our service by being honest, friendly, and helpful, trying our best to make each customer satisfied. If you got any problems with our services or the game, feel free to contact us via Livechat.