Hackers Aggressively Exploiting WordPress Plugin XSS Flaw – 2 Million Sites Affected

The cybersecurity researchers at Akamai recently observed that as web applications and third-party components become more prevalent, the risk of attack grows: the attack surface expands, and the barrier to entry for attackers falls.

Shortly after a critical vulnerability in a WordPress custom-field plugin was announced and a patch released, Akamai observed a notable increase in XSS activity, with one specific proof-of-concept (PoC) query standing out in the traffic.

Attackers are exploiting known vulnerabilities more and more extensively, so understanding an attack means analyzing all three of its parts: the vulnerability, the actor, and the traffic.

Initial Flaw Leads to XSS

CVE-2023-30777, a vulnerability detected in February and carrying a CVSS base score of 7.1, is a reflected cross-site scripting (XSS) flaw: a threat actor crafts a URL that carries a malicious script, and when a victim opens that URL the script runs in the victim's browser in the context of the targeted site, where it can inject further scripts, redirects, ads, and URL manipulations. Because the payload lives in the link rather than in the site's database, the attack depends on getting a user of the site to follow the crafted link.

Scripts reflected this way execute for every visitor who follows the crafted link, so a site's users can be compromised while the site owner never sees any manipulation in the site's own content.

The vulnerability's reach, over 2 million active installations of the plugin, drew significant attention once the exploit PoC, the patch, and a comprehensive write-up with example payloads were released.

Active Exploitation of XSS Flaw

The public release of exploit details triggers a sharp surge in scanning and exploitation attempts, since security researchers, hobbyists, and companies all routinely probe newly disclosed vulnerabilities.

The Akamai SIG's analysis of XSS attack data shows a worrying trend: the volume of attacks that follow a public exploit PoC keeps rising, while the delay between the PoC's release and the first attacks keeps shrinking. In this case, attacks began within 24 hours of the PoC's publication.

The activity was indiscriminate across all sectors and showed no attempt to develop new exploit code, which points to an unsophisticated threat actor scanning for vulnerable sites and going after whatever is easiest to exploit.
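The traffic pattern Akamai describes (many sources spraying the same reflected-XSS probe at whatever sites they find) is easy to spot in ordinary web server access logs. The following is an added example, not Akamai's code and not part of the original article: it parses combined-format log lines, fully percent-decodes each query parameter so double-encoded payloads are not missed, flags values containing script-injection markers, and groups the hits by source IP with first- and last-seen times. The log lines are constructed samples; the query parameters they use (`s`, `redirect_to`) are generic WordPress parameters chosen for illustration and do not reproduce the CVE-2023-30777 PoC.

```python
"""Flag reflected-XSS probes in combined-format web server access logs.

Added example: constructed sample data, not a real capture and not the
CVE-2023-30777 proof of concept.
"""
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import parse_qsl, unquote, urlsplit

# Apache/nginx "combined" format:
# ip - - [time] "METHOD path HTTP/x" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Markers that essentially never appear in legitimate query values.
XSS_MARKERS = re.compile(
    r"<\s*script|javascript\s*:|on(?:error|load|mouseover|focus)\s*=|<\s*(?:img|svg|iframe)\b",
    re.IGNORECASE,
)

# Constructed sample log (hypothetical IPs from the documentation ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/May/2023:08:14:02 +0000] "GET /index.php?s=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5120 "-" "python-requests/2.28"',
    '203.0.113.7 - - [10/May/2023:08:14:05 +0000] "GET /wp-login.php?redirect_to=javascript%3Aalert(document.cookie) HTTP/1.1" 200 3400 "-" "python-requests/2.28"',
    '192.0.2.5 - - [10/May/2023:08:15:30 +0000] "GET /index.php?s=advanced+custom+fields HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/May/2023:09:02:11 +0000] "GET /index.php?s=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 5120 "-" "curl/8.0.1"',
    "this line is not in combined format and is skipped",
]


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded payloads (%253C -> %3C -> <) are caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_line(line: str):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def find_xss_params(path: str):
    """Return [(param, decoded_value)] for query parameters that look like XSS probes."""
    query = urlsplit(path).query
    hits = []
    # parse_qsl already decodes one layer; fully_decode handles any extra layers.
    for name, value in parse_qsl(query, keep_blank_values=True):
        decoded = fully_decode(value)
        if XSS_MARKERS.search(decoded):
            hits.append((name, decoded))
    return hits


def scan_log(lines):
    """Group suspicious requests by source IP with hit count, first/last seen and parameters hit."""
    report = defaultdict(lambda: {"count": 0, "first": None, "last": None, "params": set()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        hits = find_xss_params(rec["path"])
        if not hits:
            continue
        entry = report[rec["ip"]]
        entry["count"] += 1
        entry["first"] = rec["time"] if entry["first"] is None else min(entry["first"], rec["time"])
        entry["last"] = rec["time"] if entry["last"] is None else max(entry["last"], rec["time"])
        entry["params"].update(name for name, _ in hits)
    return dict(report)


if __name__ == "__main__":
    for ip, entry in scan_log(SAMPLE_LOG).items():
        print(f"{ip}: {entry['count']} probe(s), params={sorted(entry['params'])}, "
              f"first={entry['first'].isoformat()}, last={entry['last'].isoformat()}")
```

Run over a real log, the first-seen timestamps per source are what let you measure the PoC-to-exploitation delay Akamai reports; the user-agent field (scripting libraries rather than browsers) is a useful secondary signal for the kind of unsophisticated mass scanner described above.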

Recommendations

Here are the recommendations offered by the cybersecurity researchers at Akamai:

  • Treat patch management as a core part of the organization's risk-reduction and security strategy; the window between a public PoC and live exploitation is now measured in hours.
  • Deploy tooling that gives real-time visibility into the network, so vulnerable assets can be found and mitigated quickly.
  • Put a web application firewall (WAF) in front of web applications; it gives security teams a layer of protection against attacks like this one while patches are rolled out.
  • Keep web applications, including their plugins, up to date with security patches to prevent follow-on attacks.


Source: https://cybersecuritynews.com/wordpress-plugin-xss-flaw/
