Site icon TechNewsBoy.com

Millions of WordPress sites are being scanned for potential attacks

Cybercriminals have spotted an abandoned WordPress (opens in new tab) plugin that is vulnerable to a high-severity flaw, and are now on the hunt for any websites using it. 

Security firm Wordfence found that since July 4, cybercriminals have scanned almost 1.6 million WordPress site in search of the vulnerable plugin. 

Luckily, only a small portion of websites are running the plugin, significantly reducing the potential threat landscape. 

Half a million attacks a day

The plugin in question is called Kaswara Modern WPBakery Page Builder. Allegedly, it’s been abandoned by its authors, and is no longer receiving updates. As such, it is vulnerable to CVE-2021-24284.

This vulnerability allows threat actors to upload and download files to and from vulnerable WordPress websites, which could mean complete site takeover.

Defiant, the company behind Wordfence, says their customers are getting almost half a million attack attempts a day. The attacks are coming from more than 10,000 unique IP addresses, although the volume between them varies. Some IP addresses are generating “millions of requests”, it was added.

The researchers are suggesting admins to remove the Kasware Modern WPBakery Page Builder Addons plugin from their websites immediately, and for those that don’t use it – they should still block the attackers’ IP addresses.

The details can be found on the Wordfence blog here (opens in new tab).

WordPress is the world’s number one website builder (opens in new tab), accounting for a significant portion of all the websites in the world. As such, it is a major target for cybercriminals. But WordPress as a platform is relatively safe, and only a few basis points of vulnerabilities are found directly on the platform.

The majority is found in WordPress plugins, which are almost exclusively third-party. Some of them are commercial, and have experienced teams contributing regular updates. Others, however, are free-to-use and often don’t get nearly as many updates as needed, leaving users at risk of identity theft, data theft, website defacement, and numerous other cyberattacks.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version