Back on April 20th, 2021, our friends at WPScan reported a severe vulnerability in Kaswara Modern VC Addons, also known as Kaswara Modern WPBakery Page Builder Addons. The plugin is no longer available on Codecanyon/Envato, meaning that if you have it running, you must choose an alternative.

This vulnerability allows unauthenticated users to upload arbitrary files to the plugin's icon directory (./wp-content/uploads/kaswara/icons). This is the first Indicator Of Compromise (IOC) our friends at WPScan shared with us in their report.

The ability to upload arbitrary files to a website gives the bad actor full control over the site, which makes it hard to define the final payload of this infection; thus, we'll show you everything we found so far (we got a little carried away on the research, so feel free to jump to the IOC section if you don't want to read through).
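One way to check a site for this first IOC, as an added example that is not code from this post or from WPScan: the Python check below walks the plugin's icon directory and flags files that should never appear among icon assets. The extension list, the 4 KB content check and the function names `scan_icon_dir` and `demo` are assumptions of this example, and the sample files are constructed placeholders.

```python
import os
import tempfile

# Upload target named in the post, relative to the WordPress root.
ICON_DIR = os.path.join("wp-content", "uploads", "kaswara", "icons")
# Assumption: extensions a typical PHP host may execute; adjust to your server.
EXEC_EXTS = {".php", ".phtml", ".phar", ".pht", ".php5", ".php7"}


def scan_icon_dir(wp_root):
    """Return sorted (relative_path, reason) findings under the icon directory."""
    base = os.path.join(wp_root, ICON_DIR)
    findings = []
    for dirpath, _dirs, files in os.walk(base):  # a missing directory yields nothing
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, wp_root).replace(os.sep, "/")
            # Check every dotted part so "x.php.png" is caught as well as "x.php".
            parts = {"." + p for p in name.lower().split(".")[1:]}
            if parts & EXEC_EXTS:
                findings.append((rel, "script extension"))
                continue
            try:
                with open(path, "rb") as fh:
                    head = fh.read(4096)
            except OSError:
                findings.append((rel, "unreadable"))
                continue
            # An icon asset (font, CSS, SVG, JSON) has no reason to contain PHP.
            if b"<?php" in head.lower():
                findings.append((rel, "php open tag"))
    return sorted(findings)


def demo():
    """Build a constructed sample tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        icons = os.path.join(root, ICON_DIR, "set1")
        os.makedirs(icons)
        samples = {
            "style.css": b".icon{font-family:x}",
            "a.php": b"<?php // constructed placeholder ?>",
            "b.php.png": b"\x89PNG constructed",
            "c.svg": b"<svg></svg><?PHP /* constructed */ ?>",
        }
        for name, data in samples.items():
            with open(os.path.join(icons, name), "wb") as fh:
                fh.write(data)
        return scan_icon_dir(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(reason, rel)
```

On a real site, call `scan_icon_dir()` with the WordPress root path; an empty list means nothing matched these heuristics, not that the site is clean.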

Fioravante Souza | June 8, 2021 at 11:40 am | Categories: Vulnerabilities | URL: https://wp.me/p1moTy-vMz