Hackers target Tatsu WordPress plugin in millions of attacks
2022-05-17 11:16

Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites.

Tatsu Builder is a popular plugin that offers powerful template editing features integrated right into the web browser.

The targeted vulnerability, CVE-2021-25094, allows a remote attacker to execute arbitrary code on servers running an outdated version of the plugin.

Wordfence, a company offering a security solution for WordPress plugins, has been monitoring the current attacks.

Wordfence reports seeing millions of attacks against its customers, blocking a whopping 5.9 million attempts on May 14, 2022.

All users of the Tatsu Builder plugin are strongly recommended to upgrade to version 3.3.13 to avoid attack risks.


News URL

https://www.bleepingcomputer.com/news/security/hackers-target-tatsu-wordpress-plugin-in-millions-of-attacks/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-25 | CVE-2021-25094 | Missing Authentication for Critical Function vulnerability in Brandexponents Tatsu | 8.1 |

The add_custom_font action of the Tatsu WordPress plugin before 3.3.12 can be used without prior authentication to upload a rogue zip file, which is uncompressed under WordPress's upload directory.

Attack vector: network. Attack complexity: high. Vendor: brandexponents. Weakness: CWE-306.
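
A log-triage example for the unauthenticated add_custom_font action described above, added here and not taken from the article, Wordfence or the plugin. It assumes combined-format access logs and that the action appears in the query string of a request to WordPress's admin-ajax.php endpoint; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

ACTION = "add_custom_font"  # action named in the CVE description on this page
ENDPOINT = "/wp-admin/admin-ajax.php"  # assumption: WordPress AJAX dispatcher

# Combined log format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_font_upload_requests(lines):
    """Return one dict per request that invokes the add_custom_font action."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        url = urlsplit(m["target"])
        # parse_qs percent-decodes, so action=add%5Fcustom%5Ffont still matches.
        # An action sent only in the POST body never reaches the access log;
        # that case needs WAF or application-level logging instead.
        actions = parse_qs(url.query).get("action", [])
        if url.path.endswith(ENDPOINT) and ACTION in actions:
            hits.append({"ip": m["ip"], "time": m["time"],
                         "method": m["method"], "status": int(m["status"])})
    return hits

def summarize(hits):
    """Count matching requests per source address, busiest first."""
    return Counter(h["ip"] for h in hits).most_common()

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [14/May/2022:03:12:44 +0000] "POST /wp-admin/admin-ajax.php?action=add_custom_font HTTP/1.1" 200 81 "-" "-"',
    '198.51.100.7 - - [14/May/2022:03:12:45 +0000] "POST /wp-admin/admin-ajax.php?action=add%5Fcustom%5Ffont HTTP/1.1" 200 81 "-" "-"',
    '203.0.113.20 - - [14/May/2022:03:13:01 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 52 "-" "-"',
    '192.0.2.15 - - [14/May/2022:03:14:10 +0000] "GET /blog/wp-admin/admin-ajax.php?action=add_custom_font HTTP/1.1" 400 1 "-" "-"',
    '203.0.113.20 - - [14/May/2022:03:15:30 +0000] "GET /index.php?action=add_custom_font HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == "__main__":
    for ip, count in summarize(find_font_upload_requests(SAMPLE_LOG)):
        print(f"{ip}\t{count} request(s) with action={ACTION}")
```
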

Related vendor

| VENDOR | LAST 12M | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|---|
| WordPress | | 7 | 2 | 95 | 44 | 18 | 159 |
| Plugin | | 2 | 0 | 13 | 1 | 0 | 14 |