Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

This popular WordPress site builder has a serious security issue — and hackers are already taking advantage

Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS).

A popular WordPress theme with tens of thousands of users carries a high severity vulnerability that allows threat actors to run malicious PHP code. The patch for the flaw has already been made available, and hackers have started targeting vulnerable sites to disable security plugins.

A security researcher alias “snicco” recently found a vulnerability in the Brick Builder Theme, a commercial website builder with some 25,000 active installations, the publication states.

The vulnerability is a remote code execution (RCE) flaw, now tracked as CVE-2024-25600, and labeled as “critical”.

Attacks ramping up

Security platform Patchstack notified the Brick Builder Theme developers of the findings, which released a fix on February 13. At the time the flaw was discovered, there was no evidence of exploitation in the wild. Still, the developers urged the users to bring the theme up to version 1.9.6.1 because as soon as the news gets out, hackers are bound to start scanning for vulnerable sites.

“As of the time of this release, there’s no evidence that this vulnerability has been exploited. However, the potential for exploitation increases the longer the update to 1.9.6.1 is delayed,” the developers said in a security advisory. “Update all your Bricks sites to the latest Bricks 1.9.6.1 as soon as possible. But at least within the next 24 hours. The earlier, the better.” 

They were right, as just a day after the patch was released - on February 14 - Patchstack reported seeing exploitation attempts. Wordfence now claims at least two dozen attack attempts a day. 

WordPress is the world’s most popular website builder and, as such, is a popular target for hackers. However, the platform itself is generally considered secure, with plugins - both free and commercial - being the weakest link. The good news with commercial plugins is that they’re actively maintained and flaws such as this one get fixed fast.

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.