March 12, 2024 at 05:21AM A new malware campaign targets WordPress sites using Popup Builder plugin, infiltrating over 3,900 sites. It exploits CVE-2023-6000 to create rogue admin users and install harmful plugins. WordPress owners are urged to update plugins and scan for malicious code. Additionally, a high-severity bug in Ultimate Member plugin was disclosed, posing … Read more
March 11, 2024 at 11:15AM High-severity vulnerability in Ultimate Member plugin (CVE-2024-2123) enables injection of malicious scripts into WordPress sites. Insufficient input sanitization and output escaping in the plugin’s members directory list functionality allow unauthenticated attackers to inject web scripts and potentially gain administrative user access. Patch released on March 6, impacting versions 2.8.3 and … Read more
March 10, 2024 at 11:42AM Hackers are exploiting an XSS vulnerability in outdated Popup Builder plugin versions, infecting over 3,300 WordPress sites with malicious code. A new campaign targeting the same vulnerability has seen a notable uptick, with Sucuri reporting 1,170 infections. To defend against these attacks, users are advised to upgrade to Popup Builder … Read more
February 27, 2024 at 09:57AM A security vulnerability in LiteSpeed Cache plugin for WordPress (CVE-2023-40000) allows unauthenticated users to elevate privileges. Patchstack researcher Rafie Muhammad mentioned potential information theft and privilege escalation. The issue was fixed in version 5.7.0.1, and the latest version is 6.1, released on February 5, 2024. This follows Wordfence’s discovery of … Read more
February 20, 2024 at 09:03AM Attackers are leveraging a recently patched vulnerability in the Bricks Builder plugin for WordPress to execute arbitrary PHP code on affected websites, warns Patchstack. Tracked as CVE-2024-25600, this remote code execution flaw can be exploited without authentication. Exploitation attempts have already been observed, with attackers deploying malware to disable security … Read more
February 20, 2024 at 04:33AM A critical security flaw in the Bricks theme for WordPress, tracked as CVE-2024-25600, allows unauthenticated attackers to remotely execute PHP code on susceptible installations. The flaw was addressed in version 1.9.6.1 on February 13, 2024, following Snicco’s report. Exploitation attempts have been detected, and users are advised to apply the … Read more
February 19, 2024 at 12:56PM Hackers are exploiting a critical remote code execution flaw in the Bricks Builder Theme, allowing them to run malicious PHP code on vulnerable sites. A fix in version 1.9.6.1 was released on February 13 to address the vulnerability (CVE-2024-25600). Active exploitation attempts began on February 14, with specific IP addresses … Read more
January 15, 2024 at 11:44AM Thousands of WordPress sites are affected by the Balada Injector malware, exploiting a vulnerability in the Popup Builder plugin. The campaign, active since 2017, aims to redirect visitors to fraudulent pages and push notification scams. The attackers establish persistent control by adding backdoors and malicious plugins. The issue was addressed … Read more
January 11, 2024 at 12:55PM The Balada Injector malware has infected over 6,700 WordPress websites using a vulnerable version of the Popup Builder plugin. The attacks inject a backdoor that redirects visitors to fake support pages, lottery sites, and push notification scams. Defending against these attacks includes updating themes and plugins and minimizing the number … Read more
December 22, 2023 at 12:42PM A rogue WordPress plugin discovered by threat hunters poses a Magecart campaign threat, creating bogus admin users and injecting malicious code to steal credit card data. The plugin hides in the mu-plugins directory and enables sustained access to the target. This revelation comes amid growing concerns about digital skimming and … Read more