Security News > 2023 > May > Hackers target Wordpress plugin flaw after PoC exploit released

Hackers target Wordpress plugin flaw after PoC exploit released
2023-05-14 15:14

Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a proof-of-concept exploit was made public.

The vulnerability in question is CVE-2023-30777, a high-severity reflected cross-site scripting flaw that allows unauthenticated attackers to steal sensitive information and escalate their privileges on impacted WordPress sites.

The flaw was discovered by website security company Patchstack on May 2nd, 2023, and was disclosed along with a proof-of-concept exploit on May 5th, a day after the plugin vendor had released a security update with version 6.1.6.

"The Akamai SIG analyzed XSS attack data and identified attacks starting within 24 hours of the exploit PoC being made public," reads the report.

The XSS flaw requires the involvement of a logged-in user who has access to the plugin to run malicious code on their browser that will give the attackers high-privileged access to the site.

The exploit works on default configurations of the impacted plugin versions, which increases the chances of success for the threat actors without requiring extra effort.


News URL

https://www.bleepingcomputer.com/news/security/hackers-target-wordpress-plugin-flaw-after-poc-exploit-released/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-30777 Unspecified vulnerability in Advancedcustomfields Advanced Custom Fields
Unauth.
network
low complexity
advancedcustomfields
6.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 93 44 18 157
Plugin 2 0 13 1 0 14