Security News > 2024 > February > WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
2024-02-20 09:08
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6. It has been addressed by the theme developers in&
News URL
https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html
Related news
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Cyber attacks on critical infrastructure show advanced tactics and new capabilities (source)
- Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (source)
- Critical flaw in LayerSlider WordPress plugin impacts 1 million sites (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks (source)