Critical RCE Flaw in WordPress Bricks Theme Exposes 25,000+ Sites

by Esmeralda McKenzie
Critical RCE Flaw in WordPress Bricks Theme Exposes 25,000+ Sites

Critical RCE Flaw in WordPress Bricks Theme Exposes 25,000+ Sites

WordPress Bricks RCE Flaw

A serious A ways flung Code Execution (RCE) vulnerability in the Bricks Builder theme for WordPress has save over 25,000 internet sites at possibility, prompting an urgent security update.

The flaw, identified as CVE-2024-25600, turn into once stumbled on by a security researcher identified as ‘snicco’ and reported to the Patchstack trojan horse bounty program.

WordPress Bricks Theme RCE Flaw

The vulnerability affects all versions of the Bricks Builder theme up to 1.9.6 and enables unauthenticated attackers to abolish arbitrary PHP code on the server.

A hacker would possibly possibly possibly well take over a entire place with out client credentials. The severity of this RCE flaw has been rated 9.8 out of 10 on the Frequent Vulnerability Scoring Arrangement (CVSS), indicating a significant level of possibility.

Story

Dwell Epic Takeover Attack Simulation

How attain Hackers Bypass 2FA?

Dwell attack simulation Webinar demonstrates a form of ways by which anecdote takeover can happen and practices to protect your internet sites and APIs against ATO attacks .

A majority of the attacks are from the next IP addresses –

  • 200.251.23[.]57
  • 92.118.170[.]216
  • 103.187.5[.]128
  • 149.202.55[.]Seventy nine
  • 5.252.118[.]211
  • 91.108.240[.]52

Impact and Exploitation

The Bricks Builder theme is a favored WordPress vogue instrument that allows customers to abolish high-performance internet sites with a code-free attain. On account of its ease of utilize and developer-pleasant parts, it has turn into a most neatly-preferred replacement for many builders.

Nonetheless, discovering this vulnerability has ended in active exploitation, with attackers running malicious PHP code on prone sites.

Patchstack reported that the exploitation attempts started on February 14, appropriate days after the vulnerability turn into once disclosed.

Wordfence also confirmed the active exploitation of the flaw, having detected a pair of attacks.

The Bricks crew responded promptly to the disclosure, releasing a security patch with model 1.9.6.1 on February 13, 2024.

The update addressed the foundation trigger of the vulnerability and turn into once made readily accessible as a one-click on update.

Internet sites administrators the utilize of the Bricks Builder theme are strongly knowledgeable to update to the most up-tp-date model on to cease doable exploits.

It is mostly instructed to study for signs of compromise even after updating, as attackers would possibly possibly possibly even agree with exploited the vulnerability sooner than the patch turn into once applied.

Suggestions for Customers

Consideration all customers: it is highly instructed you upgrade to Bricks model 1.9.6.1 at your earliest convenience.

This most current model entails serious security patches and trojan horse fixes, bettering total procedure stability and performance.

Failing to update would possibly possibly possibly pause up in doable procedure vulnerabilities and recordsdata breaches. Kindly take action on to ensure the security and integrity of your procedure.

Source credit : cybersecuritynews.com

Related Posts