Experts Notice Sudden Surge in Exploitation of WordPress Page Builder Plugin Vulnerability
Researchers from Wordfence have sounded the alarm about a "sudden" spike in cyber attacks attempting to exploit an unpatched flaw in a WordPress plugin called Kaswara Modern WPBakery Page Builder Addons.
Tracked as CVE-2021-24284, the issue is rated 10.0 on the CVSS vulnerability scoring system and relates to an unauthenticated arbitrary file upload that could be abused to gain code execution, permitting attackers to seize control of affected WordPress sites.
Wordfence, which is protecting over 1,000 websites that have the plugin installed, said it has blocked an average of 443,868 attack attempts per day since the start of the month.
The attacks have emanated from 10,215 IP addresses, with a majority of the exploitation attempts narrowed down to 10 IP addresses.
The attacks involve uploading a ZIP archive containing a malicious PHP file that allows the attacker to upload rogue files to the infected website.
Between 4,000 and 8,000 websites are said to have the plugin installed, making it imperative that users remove it from their WordPress sites to thwart potential attacks and find an appropriate alternative.
News URL
https://thehackernews.com/2022/07/experts-notice-sudden-surge-in.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-14 | CVE-2021-24284 | Unrestricted Upload of File with Dangerous Type vulnerability in Kaswara Project Kaswara 3.0.1. The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. | 9.8 |
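
The CVE entry classes the flaw as an unrestricted upload of a dangerous file type, and the article describes the payload as a ZIP archive carrying a PHP file. The following is an added example, not code from the plugin, Wordfence or the original article: a server-side check that inspects an uploaded icon archive before anything is extracted. The allow-list, deny-list, size limits and the names `audit_icon_zip` and `build_zip` are assumptions made for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumptions for this example: what an icon-font pack may contain, and size limits.
ALLOWED = {".css", ".json", ".svg", ".ttf", ".woff", ".woff2", ".eot"}
EXECUTABLE = {".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".pht", ".phar"}
MAX_ENTRIES = 200
MAX_TOTAL_BYTES = 20 * 1024 * 1024


def audit_icon_zip(data: bytes) -> list[str]:
    """Return reasons to reject an uploaded archive; an empty list means accept."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            infos = archive.infolist()
    except zipfile.BadZipFile:
        return ["not a valid ZIP archive"]
    problems = []
    if len(infos) > MAX_ENTRIES:
        problems.append(f"too many entries: {len(infos)}")
    if sum(i.file_size for i in infos) > MAX_TOTAL_BYTES:
        problems.append("declared uncompressed size exceeds limit")
    for info in infos:
        path = PurePosixPath(info.filename.replace("\\", "/"))
        if path.is_absolute() or ".." in path.parts:
            problems.append(f"path escapes extraction directory: {info.filename}")
        if info.is_dir():
            continue
        suffixes = [s.lower() for s in path.suffixes]
        if not suffixes or suffixes[-1] not in ALLOWED:
            problems.append(f"disallowed file type: {info.filename}")
        elif any(s in EXECUTABLE for s in suffixes):
            # 'icons.php.svg' can still run as PHP under multi-extension handlers.
            problems.append(f"server-executable extension in name: {info.filename}")
    return problems


def build_zip(names: list[str]) -> bytes:
    """Build a constructed sample archive with placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name in names:
            archive.writestr(name, "placeholder")
    return buf.getvalue()
```

A check like this only helps when the upload handler also requires an authenticated, authorized user, which the vulnerable AJAX action did not.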