HomeCyber BalkansHackers take advantage of WordPress vulnerability shortly after PoC exploit release

Hackers take advantage of WordPress vulnerability shortly after PoC exploit release

Published on

spot_img

A vulnerability in the WordPress Advanced Custom Fields plugin has been exploited within 24 hours of the publication of a proof-of-concept (PoC) exploit by the company, according to a recent blog by Akamai. CVE-2023-30777, a high-severity vulnerability affecting the plugin, was identified by a researcher at Patchstack on May 2. Hackers have been using the exploit against the plugin to carry out a cross-site scripting (XSS) attack, introducing various forms of URL manipulation, script injections and redirects that can impact and compromise a victim site. Advanced Custom Fields has more than two million active users across the globe.
The increasing speed of the hackers’ response time has highlighted the need for prompt and vigorous patch management. A higher rate of exploitation of emerging and recently disclosed vulnerabilities remains high and is getting faster, according to Akamai. The publication of the vulnerability and patch has led to an increase in XSS activity. In a little over 48 hours, an observation by Akamai showed that not only was there a significant amount of scanning activity against the vulnerability, but that this was consistent with activity seen in other zero-day vulnerabilities.
In the 48 hours following the publication of the vulnerability, attackers have used sample code to scan for vulnerable websites that have not been patched or upgraded to the latest version. In activity monitored by Akamai, the threat actor was found to have copied and used the Patchstack sample code from the write-up across all verticals. The breadth of activity and the lack of effort to create new exploit code indicates that the threat actor is not sophisticated and was scanning for vulnerable sites. This highlights the importance of patch management and the quick application of patches to ensure security.
Older unpatched vulnerabilities from as far back as 2017 can provide easy access for attackers. Known vulnerabilities are still being successfully exploited in a range of attacks as organizations fail to patch or remediate them successfully, according to Tenable. State-sponsored threat actors have been using the known vulnerabilities to gain initial access to government organizations and disrupt critical infrastructure. To mitigate risk, preventive cybersecurity measures should be the focus of an organization, rather than reactive post-event cybersecurity measures. Regular updates and patches should be applied to enhance security.

Source link

Latest articles

EU Extends Chat Control Rules to 2028

EU Moves Towards Extension of Temporary Child Protection Regulations: Privacy Concerns Emerge The European Union...

281 Android VPN Apps Expose Users to Traffic Leaks, Tracking, and Tunnel Hijacking Issues

A recent security analysis has illuminated significant privacy and security vulnerabilities within a staggering...

UNK MassTraction Aims for Partnerships with US and Canadian Universities

Targeted Cyber Attacks on U.S. and Canadian Universities: The Threat of UNK_MassTraction A newly identified...

Dell BIOS Flaw Allows Attackers to Extract Plaintext Passwords Without Brute Force

Critical Dell BIOS Vulnerability Exposed: An Urgent Security Concern A recently surfaced vulnerability in Dell's...

More like this

EU Extends Chat Control Rules to 2028

EU Moves Towards Extension of Temporary Child Protection Regulations: Privacy Concerns Emerge The European Union...

281 Android VPN Apps Expose Users to Traffic Leaks, Tracking, and Tunnel Hijacking Issues

A recent security analysis has illuminated significant privacy and security vulnerabilities within a staggering...

UNK MassTraction Aims for Partnerships with US and Canadian Universities

Targeted Cyber Attacks on U.S. and Canadian Universities: The Threat of UNK_MassTraction A newly identified...