WordPress

Experts Notice Sudden Surge in Exploitation of WordPress Page Builder Plugin Vulnerability – The Hacker News

Summary

Researchers from Wordfence have sounded the alarm about a “sudden” spike in cyber attacks attempting to exploit an unpatched flaw in a WordPress plugin called Kaswara Modern WPBakery Page Builder Addons.

Tracked as CVE-2021-24284, the issue is rated 10.0 on the CVSS vulnerability scoring system and relates to an unauthenticated arbitrary file upload that could be abused to gain code execution, permitting attackers to seize control of affected WordPress sites.

Although the bug …….

Researchers from Wordfence have sounded the alarm about a "sudden" spike in cyber attacks attempting to exploit an unpatched flaw in a WordPress plugin called Kaswara Modern WPBakery Page Builder Addons.

Tracked as CVE-2021-24284, the issue is rated 10.0 on the CVSS vulnerability scoring system and relates to an unauthenticated arbitrary file upload that could be abused to gain code execution, permitting attackers to seize control of affected WordPress sites.

Although the bug was initially disclosed in April 2021 by the WordPress security company, it remains unresolved to date. To make matters worse, the plugin has been closed and is no longer actively maintained.

Wordfence, which is protecting over 1,000 websites that have the plugin installed, said it has blocked an average of 443,868 attack attempts per day since the start of the month.

The attacks have emanated from 10,215 IP addresses, with a majority of the exploitation attempts narrowed down to 10 IP addresses. These involve uploading a ZIP archive containing a malicious PHP file that allows the attacker to upload rogue files to the infected website.

The goal of the campaign, it appears, is to insert code into otherwise legitimate JavaScript files and redirect site visitors to malicious websites. It is worth noting that the attacks have been tracked by Avast and Sucuri under the monikers Parrot TDS and NDSW, respectively.

Between 4,000 and 8,000 websites are said to have the plugin installed, making it imperative that users remove it from their WordPress sites to thwart potential attacks and find an appropriate alternative.

Source: https://thehackernews.com/2022/07/experts-notice-sudden-surge-in.html