Millions of WordPress sites are being scanned for potential attacks
Cybercriminals have spotted an abandoned WordPress (opens in new tab) plugin that is vulnerable to a high-severity flaw, and are now on the hunt for any websites using it.
Security firm Wordfence found that since July 4, cybercriminals have scanned almost 1.6 million WordPress site in search of the vulnerable plugin.
Luckily, only a small portion of websites are running the plugin, significantly reducing the potential threat landscape.
Half a million attacks a day
The plugin in question is called Kaswara Modern WPBakery Page Builder. Allegedly, it’s been abandoned by its authors, and is no longer receiving updates. As such, it is vulnerable to CVE-2021-24284.
This vulnerability allows threat actors to upload and download files to and from vulnerable WordPress websites, which could mean complete site takeover.
Defiant, the company behind Wordfence, says their customers are getting almost half a million attack attempts a day. The attacks are coming from more than 10,000 unique IP addresses, although the volume between them varies. Some IP addresses are generating “millions of requests”, it was added.
The researchers are suggesting admins to remove the Kasware Modern WPBakery Page Builder Addons plugin from their websites immediately, and for those that don’t use it – they should still block the attackers’ IP addresses.
The details can be found on the Wordfence blog here (opens in new tab).
WordPress is the world’s number one website builder (opens in new tab), accounting for a significant portion of all the websites in the world. As such, it is a major target for cybercriminals. But WordPress as a platform is relatively safe, and only a few basis points of vulnerabilities are found directly on the platform.
The majority is found in WordPress plugins, which are almost exclusively third-party. Some of them are commercial, and have experienced teams contributing regular updates. Others, however, are free-to-use and often don’t get nearly as many updates as needed, leaving users at risk of identity theft, data theft, website defacement, and numerous other cyberattacks.
Via: BleepingComputer (opens in new tab)
Audio player loading… Cybercriminals have spotted an abandoned WordPress (opens in new tab) plugin that is vulnerable to a high-severity flaw, and are now on the hunt for any websites using it. Security firm Wordfence found that since July 4, cybercriminals have scanned almost 1.6 million WordPress site in search…
Recent Posts
- Honor’s Porsche Design Magic 6 RSR is the luxury smartphone for your mid-life crisis
- Google is getting even worse for independent sites
- Nintendo’s Orlando theme park will have Yoshi and Donkey Kong rides
- Dropbox confirms eSign tool hit by major data breach, confirms customer info leaked
- 7 Best Digital Photo Frames (2024): High-Res and Natural
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011