Another day, another WordPress exploit in the wild. In May, we have seen a lot of zero-days and issues arising from WordPress plugins such as Elementor.
CVE-2023-30777 brings a new threat to WordPress websites that use the Advanced Custom Fields plugin. The vulnerability is a Cross-Site Scripting (XSS) flaw through which a malicious actor can inject and deliver scripts, advertisements and redirects, and steal sensitive information.
Even though the Proof-of-Concept (PoC) was published on May 2nd and the corresponding detailed report with patching guidance on May 5th, attackers took advantage of unpatched websites. Over the last 48 hours, security researchers have seen a spike in PoC reuse against real targets.
Suggestions that we keep repeating: keep your stuff up to date. Make sure that all plugins and themes for WordPress installations are up to date. Make sure that there is a documented patching procedure, as well as assigned personnel to perform the task.
My take on this:
WordPress runs on more than 30% of websites on the internet. We will always see different kinds of exploits popping up each month. The main takeaway here is to keep WordPress components up to date. And as usual, it is important to be ready if your environment gets hit.
Source:
CSO Online