March 12, 2024 at 05:21AM
A new malware campaign targets WordPress sites using the Popup Builder plugin and has infiltrated over 3,900 sites. It exploits CVE-2023-6000 to create rogue admin users and install harmful plugins. WordPress owners are urged to update plugins and scan for malicious code. Additionally, a high-severity bug in the Ultimate Member plugin was disclosed, posing a potential admin access risk.
Key takeaways:
1. A new malware campaign leveraging a security flaw in the Popup Builder plugin for WordPress has infected more than 3,900 sites over the past three weeks, leading to the injection of malicious code and redirecting site visitors to other potentially harmful sites.
2. WordPress site owners are advised to keep their plugins up to date, scan their sites for any suspicious code or users, and perform appropriate cleanup to mitigate the risks associated with the malware campaign.
3. Another high-severity bug, this one in the Ultimate Member plugin for WordPress and tracked as CVE-2024-2123, has been disclosed. It impacts all versions of the plugin up to and including 2.8.3 and has been patched in version 2.8.4, released on March 6, 2024.
4. An arbitrary file upload vulnerability in the Avada WordPress theme (CVE-2024-1468) has been resolved in version 7.11.5; site owners are advised to update to mitigate the risk of remote code execution.
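The version and user checks from takeaways 2 to 4 can be scripted. The following is an added example, not taken from the original article: it reads JSON shaped like the output of `wp plugin list`, `wp theme list` and `wp user list --role=administrator` with `--format=json`. The slugs `ultimate-member` and `Avada`, the sample records, and the 2024-02-20 cutoff (three weeks before this summary's date) are assumptions.

```python
import json
from datetime import datetime

# Fixed versions as stated in the summary above. Popup Builder is not
# listed because this page gives no fixed version for it.
FIXED = {"ultimate-member": "2.8.4", "Avada": "7.11.5"}  # slugs are assumed

def vtuple(version):
    """Turn '7.11.10' into (7, 11, 10) so 7.11.10 sorts above 7.11.5,
    which a plain string comparison gets wrong."""
    return tuple(int(p) if p.isdigit() else 0 for p in version.split("."))

def outdated(items):
    """Return installed plugins/themes whose version is below the fixed one."""
    hits = []
    for item in items:
        fixed = FIXED.get(item["name"])
        if fixed and vtuple(item["version"]) < vtuple(fixed):
            hits.append(f'{item["name"]} {item["version"]} (fixed in {fixed})')
    return hits

def recent_admins(users, since):
    """Return administrator logins registered on or after `since`
    (YYYY-MM-DD) so a human can confirm each one is legitimate."""
    cutoff = datetime.strptime(since, "%Y-%m-%d")
    return [u["user_login"] for u in users
            if datetime.strptime(u["user_registered"],
                                 "%Y-%m-%d %H:%M:%S") >= cutoff]

# Constructed sample data standing in for the wp-cli JSON output.
SAMPLE_PLUGINS = json.loads('''[
  {"name": "ultimate-member", "version": "2.8.3"},
  {"name": "akismet", "version": "5.3"}
]''')
SAMPLE_THEMES = json.loads('[{"name": "Avada", "version": "7.11.10"}]')
SAMPLE_USERS = json.loads('''[
  {"user_login": "site-owner", "user_registered": "2021-06-02 09:14:00"},
  {"user_login": "constructed-new-admin", "user_registered": "2024-03-01 03:12:45"}
]''')

if __name__ == "__main__":
    for line in outdated(SAMPLE_PLUGINS + SAMPLE_THEMES):
        print("UPDATE:", line)
    for login in recent_admins(SAMPLE_USERS, "2024-02-20"):
        print("REVIEW ADMIN:", login)
```

A recently registered administrator is only a prompt for manual review; the check does not by itself identify an account as rogue.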