Millions of WordPress Sites Targeted to Exploit an Abandoned Plugin

Defiant researchers noted a surge in attacks against WordPress sites having Kaswara Modern WPBakery Page Builder as a plugin since it’s plagued with a security bug that hasn’t received any patch.

Exploiting this vulnerability would let attackers upload malicious JavaScript files to the victim site and takeover over it ultimately. Also, they can exploit the compromised site’s visitors by inserting malicious links. Since the author of that plugin has abandoned it’s development, researchers advised WordPress users to remove it to stay secure.

Mass Scanning Across The Web

Exploiting vulnerable WordPress themes or plugins to takeover the relying site is usual, just as the concerned developer passes patches to secure them. But, since July 4th, attackers are mass scanning the web to find WordPress sites with a vulnerable plugin – that was abandoned by the concerned developer!

This puts millions of sites using the plugin – Kaswara Modern WPBakery Page Builder at risk, which is plagued with critical severity flaw tracked as CVE-2021-24284. Researchers noted that anyone exploiting this could successfully take over the site remotely, as they can upload malicious files and make changes as desired.

As of today, researchers at Defiant noted that 1,599,852 unique sites are being targeted by hackers to exploit this plugin. And since July 4th, there have been an average of half a million hits targeting sites with this faulted plugin.

Since the author of Kaswara Modern WPBakery Page Builder has abandoned developing it, researchers warned WordPress users having this plugin of the potential threat.

They advised the site admins to remove this plugin and look for malicious zip files like the ‘inject.zip’, ‘king_zip.zip’, ‘null.zip’, ‘plugin.zip’, and ‘***_young.zip’ for possible exploitation. If you find any of your JavaScript files having the presence of “; if(ndsw==” string, consider your site was hacked and remove it immediately.

Other Trending News:-  News

LEAVE A REPLY

Please enter your comment!
Please enter your name here