Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

WordPress Bricks Builder Vulnerability

February 20, 2024
Reading Time: 3 mins read
in Alerts

Hackers have targeted the Bricks Builder Theme, a renowned WordPress site builder, exploiting a severe remote code execution (RCE) flaw that impacts over 25,000 active installations. Discovered by researcher ‘snicco’ on February 10 and tracked as CVE-2024-25600, this vulnerability enables malicious actors to execute PHP code on susceptible websites. While there is no evidence of exploitation at the time of discovery, the potential threat prompted a swift response from the Patchstack platform, which notified the Bricks team. The release of version 1.9.6.1 on February 13 offered a fix, urging users to upgrade promptly to mitigate risks.

Despite the initial lack of exploitation evidence, subsequent updates revealed active exploitation attempts detected by Patchstack starting from February 14. The flaw, originating from user-controlled input execution via the eval function, poses a significant risk, particularly through REST API endpoints for server-side rendering. Attackers exploit publicly accessible nonces and inadequate permission checks to gain unauthenticated access, highlighting the urgency for users to update to version 1.9.6.1 to prevent potential breaches.

Patchstack’s disclosure of complete details for CVE-2024-25600 sheds light on the post-exploitation phase, where attackers deploy specific malware to disable security plugins like Wordfence and Sucuri. Additionally, IP addresses associated with most attacks are identified, contributing to the ongoing effort to mitigate risks and protect vulnerable websites. Wordfence’s confirmation of active exploitation underscores the severity of the situation, prompting urgent action among Bricks users to upgrade their themes immediately through the WordPress dashboard or manual updates.

In response to the escalating threat, administrators and website owners are strongly advised to prioritize the security of their Bricks Builder Theme installations by promptly updating to version 1.9.6.1. Failure to do so exposes websites to potential exploitation, data breaches, and unauthorized access. Heightened vigilance and proactive measures, including monitoring for suspicious activity and applying security patches promptly, are essential to safeguarding against evolving cyber threats in the WordPress ecosystem.

Reference:
  • 1.9.6.1 Changelog
  • Critical RCE Patched in Bricks Builder Theme
  • Bricks <= 1.9.6 – Unauthenticated Remote Code Execution
Tags: Bricks Builder ThemeCyber AlertCyber Alerts 2024Cyber RiskCyber threatCybersecurityFebruary 2024VulnerabilitiesWordpress
ADVERTISEMENT

Related Posts

FreeDrain Phishing Steals Crypto Funds

FBI Warns Cybercriminals Exploit Routers

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

X Scam Targets Crypto Users with Fake Ads

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

FreeDrain Phishing Steals Crypto Funds

May 9, 2025
COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial