Binary Defense analysts frequently observe compromised WordPress sites being used to host malware or launch other attacks. WordPress site owners should keep up-to-date with announced vulnerabilities and patches for WordPress and every plugin used by their site. The developers of Page Builder responded to the Wordfence disclosure and patched these vulnerabilities within a day. Binary Defense highly recommends all sites utilizing the plugin to update to version 2.10.16 as soon as possible. All prior versions are potentially vulnerable. Binary Defense also recommends performing regular account audits to ensure that only expected accounts exist with only the required permissions. File integrity monitoring (FIM) is also another great way to quickly detect if any file has modified or added to a site’s installation directory.