Hackers target WordPress database plugin active on 1 million sites


January 25, 2024 at 09:22AM

The ‘Better Search Replace’ WordPress plugin, used by over one million sites, has a critical vulnerability allowing attackers to execute malicious code. Exploits have surged, prompting the release of version 1.4.5 to address this flaw. Urgent upgrading is recommended as attacks are growing, impacting all versions up to 1.4.4.

Key takeaways from the article:

– Malicious activity targeting a critical severity flaw in the ‘Better Search Replace’ WordPress plugin has been detected, with thousands of attempts observed in the past 24 hours.

– The plugin vendor, WP Engine, released version 1.4.5 last week to address a critical-severity PHP object injection vulnerability tracked as CVE-2023-6933.

– The security issue allows unauthenticated attackers to inject a PHP object, potentially leading to code execution, access to sensitive data, file manipulation or deletion, and a denial-of-service condition.

– Better Search Replace versions up to 1.4.4 are impacted, and users are strongly recommended to upgrade to 1.4.5 as soon as possible.

– Hackers have seized the opportunity to exploit the vulnerability, with over 2,500 attacks targeting CVE-2023-6933 reported within the past 24 hours.

– Wordfence has blocked over 2,500 attacks targeting the vulnerability on its clients.

– Download stats on WordPress.org recorded close to half a million downloads over the past week, with 81% of active installations on the 1.4 branch; the stats do not break down by minor release, so it is unclear how many have reached 1.4.5.
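To make the vulnerability class in these notes concrete, the following is an added, generic illustration of PHP object injection and its standard mitigations. It is not code from the Better Search Replace plugin or from WP Engine, and it does not reproduce the CVE-2023-6933 flaw; the `LogWriter` class, the helper functions and the serialized sample string are hypothetical, constructed for this example (PHP 8 or later assumed).

```php
<?php
// Added illustration (not the plugin's code): why unserialize() on untrusted
// input is dangerous, and two ways to close the door. All names are hypothetical.

declare(strict_types=1);

// Any class with a magic method is a potential "gadget": PHP runs
// __wakeup()/__destruct() on whatever object unserialize() builds, and the
// serialized string, not the application, decides the class and property values.
class LogWriter
{
    public string $path = '/tmp/app.log';
    public string $line = '';

    public function __destruct()
    {
        // A real gadget would perform a file write or similar side effect with
        // the web server's privileges; here it only announces that it ran.
        echo "LogWriter::__destruct() fired for {$this->path}\n";
    }
}

// Vulnerable pattern: unserialize() applied directly to request data.
function vulnerable_decode(string $untrusted): mixed
{
    return unserialize($untrusted);   // instantiates whatever class the string names
}

// Mitigation 1: disallow object instantiation. Any class named in the payload
// is replaced by __PHP_Incomplete_Class, whose magic methods never execute.
function hardened_decode(string $untrusted): mixed
{
    return unserialize($untrusted, ['allowed_classes' => false]);
}

// Mitigation 2: do not accept the serialize() format from untrusted sources at all;
// JSON carries only scalars, arrays and plain objects, never class instances.
function json_decode_array(string $untrusted): ?array
{
    $value = json_decode($untrusted, true, 32, JSON_THROW_ON_ERROR);
    return is_array($value) ? $value : null;
}

// Detection heuristic for logs or a WAF rule: the serialize() object marker is
// O:<length>:"<ClassName>": at the start of the value or after ';' or '{'.
function looks_like_serialized_object(string $value): bool
{
    return preg_match('/(?:^|[;{])O:\d+:"/', $value) === 1;
}

// Constructed sample input: the serialized form of a LogWriter instance, the
// shape an attacker-controlled parameter would take.
$payload = 'O:9:"LogWriter":2:{s:4:"path";s:12:"/tmp/app.log";s:4:"line";s:0:"";}';

var_dump(looks_like_serialized_object($payload));        // bool(true)
var_dump(looks_like_serialized_object('{"path":"x"}'));   // bool(false)

// Vulnerable path: a real LogWriter comes back and its destructor will run.
$obj = vulnerable_decode($payload);
var_dump($obj instanceof LogWriter);                      // bool(true)
unset($obj);                                              // prints the __destruct() line

// Hardened path: same payload, but only an inert placeholder object is built.
$safe = hardened_decode($payload);
var_dump($safe instanceof __PHP_Incomplete_Class);        // bool(true)
var_dump(method_exists($safe, '__destruct'));             // bool(false)

// JSON path: the equivalent data with no class name attached at all.
var_dump(json_decode_array('{"path":"/tmp/app.log","line":""}'));
```

The `allowed_classes` option is the smallest change that neutralises gadget chains in existing code that must keep the `serialize()` format; moving the interface to JSON removes the format from the attack surface entirely. The detection regex is a coarse triage aid for request logs, not a substitute for patching, since the fix here is upgrading to 1.4.5.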
