GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Tech 90,000 Wordpress sites running theme facing hack (https://gfy.com/showthread.php?t=1355203)

blackmonsters 05-31-2022 05:37 PM
90,000 Wordpress sites running theme facing hack
 
Researchers have found a critical flaw in two themes used by more than 90,000 WordPress sites. WordFenceThreat Intelligence Team researcher Ramuel Gall discovered the defect. Two versions of the themes were affected: Jupiter Theme 6.10.1 or earlier and JupiterX Core Plugin 2.0.7 or earlier. The flaw was found between April and Early May.

One of the flaws tracked as CVE-2022-1654 are a vulnerability that allows "any authenticated attacker, including subscribers and customers," to take full control of any site running JupiterX Core Plugin."The plugin is required to run the Jupiter X. On May 3, 2022, WordFence notified the developers of the Jupiter theme flaw. Specifically, the critical flaw is in a function intended to reset a site after uninstalling a template; in the Jupiter theme, the function is found in the theme itself; in Jupiter X, it’s present in the Jupiter

https://www.wordfence.com/blog/2022/...remium-themes/

:2 cents:

brassmonkey 05-31-2022 07:08 PM
did they test anymore themes


All times are GMT -7. The time now is 07:25 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc