According to a new Patchstack report, hackers are actively exploiting 2 critical vulnerabilities in the Houzez plugin for WordPress, used primarily on real estate websites.
让我提醒你,我们也写过 E-Commerce Software Developer FishPig Hacked in a Massive Supply Chain Attack, 还有那个 《快公司》黑客称“任何人都可以做到”.
Information security specialists said that Hackers Scanned 1.6 Million WordPress Sites Looking for a Vulnerable Plugin.
Houzez is a premium plan plugin that offers easy ad management and seamless customer service. The manufacturer’s website claims that it serves over 35,000 real estate clients.
The bugs were discovered by Patchstack threat researcher Dave Jong, who also reported them to theme developer ThemeForest. One of them was fixed in version 2.6.4 in August 2022, and the other in version 2.7.2 in November 2022.
The Patchstack report warns that some websites have not applied the security update, 和 threat actors are actively exploiting these flaws in ongoing attacks. And at the moment, a large number of attacks come from the IP address 103.167.93.138.
- CVE-2023-26540 (CVSS: 9.8) is related to a security misconfiguration and can be used remotely by an unauthorized hacker to elevate privileges. The problem affects the Houzez plugin version 2.7.1 and higher. The fix is available in Houzez 2.7.2 或稍后.
- CVE-2023-26009 (CVSS: 9.8) allows an unauthenticated attacker to elevate privileges. Affects the Houzes Login Register plugin version 2.6.3 and higher. The fix is available in Houzez Login Register version 2.6.4 或稍后.
According to Jong, hackers exploit these vulnerabilities by sending a request to an endpoint that listens for account creation requests. Due to a bug in server-side validation, the request can be crafted to create an admin user on the site, allowing the attacker to take full control of the WordPress site.
In the attacks seen by Patchstack, the attackers uploaded a backdoor capable of executing commands, placing ads on the site, or redirecting traffic to other malicious sites. 在那之后, cybercriminals can do whatever they want with the site, but they usually download a malicious plugin that contains a backdoor.
发表评论