Threat Intel team recommends against using this WordPress plugin since it might result in site takeover.
This week, Wordfence's threat intelligence team said that it has been tracking a dramatic rise in attack attempts against Kaswara Modern WPBakery Page Builder Add-ons.
The major vulnerability, CVE-2021-24284, was previously disclosed and the plug-in was shut down, according to Wordfence researchers in a blog post. According to the researchers, attackers can upload malicious PHP files to a vulnerable website, which might result in code execution and total site takeover. Once they gain a foothold, attackers can also insert malicious JavaScript into the website's files.
Although Wordfence has been shielding its customers from this attack since May 21, 2021, the researchers advised site administrators to delete the Kaswara add-ons and choose an alternative, because it is doubtful that the plug-in will ever receive a fix.
Wordfence, perhaps the top business specializing in protecting WordPress websites, was quick to note that although about 1.6 million distinct websites were targeted, the bulk of those websites do not use the vulnerable plug-in.
Because WordPress powers up to one-third of all websites on the internet, including some of the busiest sites and a significant portion of e-commerce sites, attackers are always looking for new weaknesses to exploit, according to Pravin Madhani, co-founder and CEO of K2 Cyber Security. Each new WordPress vulnerability, according to Madhani, is a depressing reminder that plug-ins may impact a site's overall security.
Security teams should at the very least make sure that all plug-ins are current and that only the ones that are truly necessary for the site are enabled and used, according to Madhani. "Utilize security-in-depth for a site, which encompasses edge security, runtime application security, and server security, for the most effective defense."
According to John Bambenek, the lead threat hunter at Netenrich, one of the risks of using open-source software in the WordPress software supply chain is that components are frequently introduced that later turn out to be hazardous.
This is especially acute when plug-ins or packages are abandoned and there won't be any updates or fixes, according to Bambenek. Users' only real choices are to rebuild their websites without WPBakery or to have powerful web application security that will block these attacks despite the vulnerability.
Mike Parkin, senior technical engineer at Vulcan Cyber, thought the WordPress case was a wonderful illustration of a problem in cybersecurity that is frequently disregarded: when software reaches end-of-life, becomes orphaned, or is otherwise no longer supported, it becomes a security concern.
Old vulnerabilities might not be fixed, and new ones might be found with no fix available, according to Parkin. "Although removing outdated software or devices is the best course of action to get rid of the threat, this is sometimes not an option. The company will need to discover mitigations that can lower the risk as much as possible and be ready for the exploit when it occurs in circumstances where the program is still essential and a replacement is not available."