DaemonForums  

16th July 2022
J65nko
Administrator

Thousands of websites run buggy WordPress plugin that allows complete takeover

From https://www.theregister.com/2022/07/...dpress_plugin/
Quote:
Miscreants have reportedly scanned almost 1.6 million websites in attempts to exploit an arbitrary file upload vulnerability in a previously disclosed buggy WordPress plugin.

Traced as CVE-2021-24284, the vuln targets Kaswara Modern WPBakery Page Builder Addons and, if exploited, it would allow criminals to upload malicious JavaScript files and even completely take over an organization's website.

Wordfence disclosed the flaw almost three months ago, and in a new advisory this week warned that criminals are increasing attacks — the WordPress security shop claims it blocked an average of 443,868 attack attempts per day on its customers' sites.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump