Specialists Discover Sudden Surge in Exploitation of WordPress Web page Builder Plugin Vulnerability

WordPress Page Builder Plugin Vulnerability

Researchers from Wordfence have sounded the alarm a few “sudden” spike in cyber assaults trying to use an unpatched flaw in a WordPress plugin referred to as Kaswara Fashionable WPBakery Web page Builder Addons.

Tracked as CVE-2021-24284, the difficulty is rated 10.0 on the CVSS vulnerability scoring system and pertains to an unauthenticated arbitrary file add that might be abused to realize code execution, allowing attackers to grab management of affected WordPress websites.


Though the bug was initially disclosed in April 2021 by the WordPress safety firm, it continues to stay unresolved so far. To make issues worse, the plugin has been closed and is not actively maintained.

Wordfence, which is defending over 1,000 web sites which have the plugin put in, stated it has blocked a mean of 443,868 assault makes an attempt per day for the reason that begin of the month.

WordPress Page Builder Plugin Vulnerability

The assaults have emanated from 10,215 IP addresses, with a majority of the exploitation makes an attempt narrowed all the way down to 10 IP addresses. These contain importing a ZIP archive containing a malicious PHP file that permits the attacker to add rogue information to the contaminated web site.


The purpose of the marketing campaign, it seems, is to insert code into in any other case reputable JavaScript information and redirect web site guests to malicious web sites. It is price noting that the assaults have been tracked by Avast and Sucuri below the monikers Parrot TDS and NDSW, respectively.

Between 4,000 and eight,000 web sites are stated to have the plugin put in, making it crucial that customers take away it from their WordPress websites to thwart potential assaults and discover an acceptable different.

Supply hyperlink

Leave a Comment

Your email address will not be published.