This popular WordPress site builder has a serious security issue — and hackers are already taking advantage
A remote code execution flaw in WordPress site builder is being actively abused
A popular WordPress theme with tens of thousands of users carries a high severity vulnerability that allows threat actors to run malicious PHP code. The patch for the flaw has already been made available, and hackers have started targeting vulnerable sites to disable security plugins.
A security researcher alias “snicco” recently found a vulnerability in the Brick Builder Theme, a commercial website builder with some 25,000 active installations, the publication states.
The vulnerability is a remote code execution (RCE) flaw, now tracked as CVE-2024-25600, and labeled as “critical”.
Attacks ramping up
Security platform Patchstack notified the Brick Builder Theme developers of the findings, which released a fix on February 13. At the time the flaw was discovered, there was no evidence of exploitation in the wild. Still, the developers urged the users to bring the theme up to version 1.9.6.1 because as soon as the news gets out, hackers are bound to start scanning for vulnerable sites.
“As of the time of this release, there’s no evidence that this vulnerability has been exploited. However, the potential for exploitation increases the longer the update to 1.9.6.1 is delayed,” the developers said in a security advisory. “Update all your Bricks sites to the latest Bricks 1.9.6.1 as soon as possible. But at least within the next 24 hours. The earlier, the better.”
They were right, as just a day after the patch was released - on February 14 - Patchstack reported seeing exploitation attempts. Wordfence now claims at least two dozen attack attempts a day.
WordPress is the world’s most popular website builder and, as such, is a popular target for hackers. However, the platform itself is generally considered secure, with plugins - both free and commercial - being the weakest link. The good news with commercial plugins is that they’re actively maintained and flaws such as this one get fixed fast.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via BleepingComputer
More from TechRadar Pro
- Almost a million WordPress websites at risk from this security flaw — here's what you need to know to keep your site safe
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.