Malware Campaign Exploits Popup Builder WordPress Plugin
A recent malware campaign is exploiting a critical security vulnerability in the Popup Builder plugin for WordPress, allowing the injection of malicious JavaScript code. Sucuri reports that this campaign has successfully compromised over 3,900 websites within the last three weeks.
Security researcher Puja Srivastava, in a report dated March 7, highlighted that the attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024.
The method of infection involves the exploitation of CVE-2023-6000, a security flaw in Popup Builder that enables attackers to create unauthorized admin users and install arbitrary plugins.
WordPress site admins are strongly advised to maintain the currency of their plugins by ensuring regular updates. Additionally, they should conduct thorough site scans to detect any signs of suspicious code or unauthorized users, followed by necessary cleanup procedures.
Highlighting the importance of this, Srivastava emphasized, “This new malware campaign serves as a stark reminder of the risks of not keeping your website software patched and up-to-date.”
Kerry is a Content Creator at www.systemtek.co.uk she has spent many years working in IT support, her main interests are computing, networking and AI.