Security researchers discovered a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin.
The attackers targeted a critical-severity flaw, CVE-2021-24284, in the Kaswara Modern WPBakery Page Builder, which received a patch after its author had abandoned it.
The vulnerability would allow an unauthenticated attacker to inject malicious JavaScript into sites using any version of the plugin and to perform actions such as uploading and deleting files, which could lead to complete takeover of the site.
Around 1,599,852 unique sites were targeted, of which only a small portion run the vulnerable plugin.
According to Wordfence telemetry data, the attacks began on July 4 and continue to this day, at an average of 443,868 attempts every day.
The researchers state that the attacks originated from 10,215 distinct IP addresses, with some having generated millions of requests while others are limited to lower numbers.
If you use the Kaswara Modern WPBakery Page Builder Addons plugin, you should immediately remove it from your WordPress site.