"Massive WordPress Plugin Vulnerability Leads to 3,300 Site Infections"

March 10, 2024 at 03:38 PM

•

1 min read

"Massive WordPress Plugin Vulnerability Leads to 3,300 Site Infections" — Photo: BleepingComputer

TL;DR Summary

Hackers are exploiting a vulnerability in outdated versions of the Popup Builder plugin for WordPress, infecting over 3,300 websites with malicious code. The attacks involve injecting code into the Custom JavaScript or Custom CSS sections of the WordPress admin interface, with the primary purpose of redirecting visitors to phishing pages and malware-dropping sites. Site admins are advised to upgrade to the latest version of the plugin, block specific domains associated with the attacks, and remove malicious entries to prevent reinfection.

Topics:business #cybersecurity #hacking #malware #vulnerability #wordpress

Share this article

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware BleepingComputer
Thousands of WordPress sites compromised via WordPress plugin bug SC Media
Thousands of websites infected via vulnerable Popup Builder plugin for WordPress Techzine Europe
Hackers Selling WordPress 0-day Exploits on Hacker Forums CybersecurityNews
Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites Security Affairs

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 2 min read

Condensed

80%

400 → 80 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights