Thousands of websites run buggy WordPress plugin that allows complete takeover
Tracked as CVE-2021-24284, the vuln targets Kaswara Modern WPBakery Page Builder Addons and, if exploited, it would allow criminals to upload malicious JavaScript files and even completely take over an organization’s website.
Your logs may show the following query string on these events:
/wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1
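The advice is that the only option is to remove this plugin, because it will no longer be updated.
ssorc.tw has been hit by these requests, but I don't have this plugin.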
5.9.9.29 - - [06/Jul/2022:11:29:34 +0800] "POST //wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.0" 400 1002 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
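To check a whole access log for the query string above, the following added example (not part of the original post) parses combined-format log lines and lists every request to admin-ajax.php carrying action=uploadFontIcon, including the doubled-slash form seen in the entry above. The function names find_probes and by_source are hypothetical, the sample lines other than the first are constructed, and it assumes the action appears in the query string, since access logs do not record POST bodies.

```python
import re
from collections import Counter
from urllib.parse import parse_qs

# Combined log format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def find_probes(lines):
    """Return requests to admin-ajax.php that carry action=uploadFontIcon."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        path, _, query = m['target'].partition('?')
        # The logged request uses "//wp-admin/...", so collapse repeated slashes
        path = re.sub(r'/+', '/', path)
        if not path.endswith('/wp-admin/admin-ajax.php'):
            continue
        # parse_qs also decodes percent-encoded parameter values
        if 'uploadFontIcon' in parse_qs(query).get('action', []):
            hits.append({'ip': m['ip'], 'time': m['time'],
                         'method': m['method'], 'status': int(m['status'])})
    return hits

def by_source(hits):
    """Count hits per (ip, status) so non-4xx responses stand out."""
    return Counter((h['ip'], h['status']) for h in hits)

# First line is the entry shown in the post; the other three are constructed samples.
SAMPLE = [
    '5.9.9.29 - - [06/Jul/2022:11:29:34 +0800] "POST //wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.0" 400 1002 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"',
    '203.0.113.7 - - [06/Jul/2022:11:30:02 +0800] "POST /blog/wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1" 200 15 "-" "curl/7.81.0"',
    '198.51.100.4 - - [06/Jul/2022:11:31:10 +0800] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [06/Jul/2022:11:31:12 +0800] "GET /?action=uploadFontIcon HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == '__main__':
    for (ip, status), n in by_source(find_probes(SAMPLE)).items():
        print(ip, status, n)
```

A hit only shows that the endpoint was requested; whether the plugin is installed still has to be checked on the site itself.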