February 20, 2024 at 09:03AM Attackers are leveraging a recently patched vulnerability in the Bricks Builder plugin for WordPress to execute arbitrary PHP code on affected websites, warns Patchstack. Tracked as CVE-2024-25600, this remote code execution flaw can be exploited without authentication. Exploitation attempts have already been observed, with attackers deploying malware to disable security … Read more
February 20, 2024 at 04:33AM A critical security flaw in the Bricks theme for WordPress, tracked as CVE-2024-25600, allows unauthenticated attackers to remotely execute PHP code on susceptible installations. The flaw was addressed in version 1.9.6.1 on February 13, 2024, following Snicco’s report. Exploitation attempts have been detected, and users are advised to apply the … Read more
February 19, 2024 at 12:56PM Hackers are exploiting a critical remote code execution flaw in the Bricks Builder Theme, allowing them to run malicious PHP code on vulnerable sites. A fix in version 1.9.6.1 was released on February 13 to address the vulnerability (CVE-2024-25600). Active exploitation attempts began on February 14, with specific IP addresses … Read more