Attackers are focusing their efforts on the Kaswara Modern WPBakery Page Builder plugin. This program was abandoned by its author just before receiving a patch due to a vulnerability, the CVE-2021-24284.

This vulnerability would allow an attacker to inject malicious code using any version of the plugin, allowing to upload and delete files. Esto podría acabar en un secuestro total de la página.

Fortunately, parece que una pequeña porción de entre todas las páginas escaneadas sería susceptible de sufrir un ataque de este tipo.

In this case, se recomienda borrar inmediatamente este plugin de la página WordPress que esté usándolo. Yes, por otro lado, no se utiliza el plugin, se recomienda aplicar bloqueos a las IP de los atacantes.


Se puede consultar más información en Wordfence: Haz click aquí


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »