Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware.
February 20, 2024 By Ionut Arghire
Attackers are exploiting a recently patched vulnerability in the Bricks Builder plugin for WordPress to hack websites and deploy malware, WordPress security company Patchstack reports.
The issue, tracked as CVE-2024-25600, is described as a remote code execution (RCE) flaw that can be exploited without authentication to execute arbitrary PHP code on an affected WordPress website.
The bug was identified in the ‘prepare_query_vars_from_settings’ function, which is called from several places in the plugin’s code, including the Bricks\Query class that manages the rendering of WordPress post queries; the function relies on PHP’s eval, security researcher Calvin Alkan explains.