Thousands of websites run buggy WordPress plugin that allows complete takeover

Traced as CVE-2021-24284, the vuln targets Kaswara Modern WPBakery Page Builder Addons and, if exploited, it would allow criminals to upload malicious JavaScript files and even completely take over an organization’s website.

Your logs may show the following query string on these events:

/wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1

它建議只能移除這個外掛,因為不會再更新了,這外掛

ssorc.tw 有被打,但我沒有這外掛

5.9.9.29 – – [06/Jul/2022:11:29:34 +0800] “POST //wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.0” 400 1002 “www.google.com” “Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36”

 

最後修改日期: 2022 年 07 月 18 日
Related posts 相關文章
WordPress 指令工具 wp-cli
More...
幾個信用卡 Credit Card Skimmers 攻擊
More...
Sucuri 對 2021 年的回顧與 2022 的預測
More...
2022 年也要更新你的 WordPress
More...

作者

留言

撰寫回覆或留言

發佈留言必須填寫的電子郵件地址不會公開。

− 2 = 4