Imunify360 researchers have recently found a wave of attacks exploiting a known vulnerability in Chamilo LMS (CVE-2023-34960) to escalate their access and execute arbitrary commands. Chamilo is an e-learning platform, a type of software also called a Learning Management System (LMS), widely used by universities and NGOs, with roughly 85k installations in total.
The recent attack on the "Advanced Custom Fields" plugin for WordPress, found by Patchstack researcher Rafie Muhammad, is a stark reminder of how exposed websites can be to attackers. In this case, over two million users were at risk because of a flaw, tracked as CVE-2023-30777, that allowed attackers to inject malicious code into web pages and potentially hijack administrator accounts.
The Imunify Security team is always working to ensure you receive the highest level of protection possible. We are now setting up a number of notifications to inform you about potentially dangerous configurations on your server. Whenever you receive a message from us that starts like this …
We are reaching out to keep you informed about security threats. The list below shows vulnerable software that has been detected in your environment:
- Actively Exploited Plugin Vulnerability - /home/johndoe/public_html
- Severity: CRITICAL
- WordPress 6.0
- Affected Plugin: Download Manager
- Affected Versions: <= 3.2.42
The week started with a new campaign attempting mass exploitation of the Arbitrary File Upload vulnerability in the Simple File List plugin for WordPress.
The high-severity vulnerability in the Post Grid WordPress plugin that recently appeared in public sources is the suspected cause of attackers' interest in exploiting affected systems.
The vulnerability allows an attacker to tamper with a template so that attacker-controlled code is included in the application's back end, where it can perform malicious actions in the context of privileged users. This can end with a stolen administrator session or injected malware.
On Wednesday, 2 September, the Imunify360 Web Protection Team observed a significant rise in blocked malware. Most of it was located under the /wp-file-manager/lib/files/ directory path.
When we investigated, we determined that the cause was a critical vulnerability in the File Manager plugin for WordPress, and that this vulnerability affected a variety of applications.
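A quick check a site administrator can run to see whether that directory holds anything it should not. This is an added example and not code from the Imunify360 post; it assumes the plugin lives at the usual wp-content/plugins/wp-file-manager path under the document root passed as the first argument, and treats any PHP-like file under lib/files as suspect, since that directory is meant for uploaded data, not scripts.

```shell
#!/bin/sh
# Added example, not from the original post. Lists script-like files under the
# File Manager plugin's lib/files directory, the path where the post reports
# most of the blocked malware was found.
#
# Assumptions: the plugin directory is wp-content/plugins/wp-file-manager
# (the plugin's slug) and the document root is given as $1.
scan_wp_file_manager() {
    docroot="$1"
    dir="$docroot/wp-content/plugins/wp-file-manager/lib/files"

    # Nothing to report if the plugin (or its upload dir) is not present.
    [ -d "$dir" ] || return 0

    # Match the extensions PHP-based webshells commonly arrive with,
    # including the double-extension and alternate-extension variants
    # that naive ".php" checks miss.
    find "$dir" -type f \
        \( -name '*.php' -o -name '*.php[0-9]' -o -name '*.phtml' \
           -o -name '*.phar' -o -name '*.php.*' \) \
        -print
}

# Usage: sh scan_wp_file_manager.sh /home/johndoe/public_html
if [ "$#" -gt 0 ]; then
    scan_wp_file_manager "$1"
fi
```

Any path printed by this check warrants a look; a legitimate File Manager upload directory contains user files, not PHP.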
The Imunify security team recently detected a vulnerable plugin in the WordPress plugin directory. It is called PressForward, and it is used to manage editorial workflows. This free plugin included an iframe that could be used to redirect visitors to a malicious web page.
The Imunify team identified the vulnerability in this plugin on 1 July 2020. At the time it was discovered, the plugin was installed on 800+ websites, where it could be used to send visitors to phishing sites and run black-hat SEO campaigns. The plugin's change log indicates that the iframe had been there for almost a year:
bbPress, a popular WordPress plugin, was recently found to contain a serious vulnerability.
How should bbPress users address it? The best way is to update the plugin to the latest version. But if they can't or don't, Imunify has them covered. Read below to find out how. Additionally, check our WordPress Security Ultimate Guide for 2021 to learn more about WordPress security.