Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin

February 20, 2024 at 09:03AM Attackers are leveraging a recently patched vulnerability in the Bricks Builder plugin for WordPress to execute arbitrary PHP code on affected websites, warns Patchstack. Tracked as CVE-2024-25600, this remote code execution flaw can be exploited without authentication. Exploitation attempts have already been observed, with attackers deploying malware to disable security … Read more

WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites

February 20, 2024 at 04:33AM A critical security flaw in the Bricks theme for WordPress, tracked as CVE-2024-25600, allows unauthenticated attackers to remotely execute PHP code on susceptible installations. The flaw was addressed in version 1.9.6.1 on February 13, 2024, following Snicco’s report. Exploitation attempts have been detected, and users are advised to apply the … Read more