Security News > 2022 > May > Hackers target Tatsu WordPress plugin in millions of attacks
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites.
Tatsu Builder is a popular plugin that offers powerful template editing features integrated right into the web browser.
The targeted vulnerability is CVE-2021-25094, allows a remote attacker to execute arbitrary code on the servers with an outdated version of the plugin.
Wordfence, a company offering a security solution for WordPress plugins, has been monitoring the current attacks.
Wordfence reports seeing millions of attacks against its customers, blocking a whopping 5.9 million attempts on May 14, 2022.
All users of the Tatsu Builder plugin are strongly recommended to upgrade to version 3.3.13 to avoid attack risks.
News URL
Related news
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks (source)
- Google says hackers abuse Gemini AI to empower their attacks (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- whoAMI attacks give hackers code execution on Amazon EC2 instances (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-25 | CVE-2021-25094 | Unspecified vulnerability in Brandexponents Tatsu The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. | 8.1 |