Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

WordPress Bricks Builder Vulnerability

February 20, 2024
Reading Time: 3 mins read
in Alerts

Hackers have targeted the Bricks Builder Theme, a renowned WordPress site builder, exploiting a severe remote code execution (RCE) flaw that impacts over 25,000 active installations. Discovered by researcher ‘snicco’ on February 10 and tracked as CVE-2024-25600, this vulnerability enables malicious actors to execute PHP code on susceptible websites. While there is no evidence of exploitation at the time of discovery, the potential threat prompted a swift response from the Patchstack platform, which notified the Bricks team. The release of version 1.9.6.1 on February 13 offered a fix, urging users to upgrade promptly to mitigate risks.

Despite the initial lack of exploitation evidence, subsequent updates revealed active exploitation attempts detected by Patchstack starting from February 14. The flaw, originating from user-controlled input execution via the eval function, poses a significant risk, particularly through REST API endpoints for server-side rendering. Attackers exploit publicly accessible nonces and inadequate permission checks to gain unauthenticated access, highlighting the urgency for users to update to version 1.9.6.1 to prevent potential breaches.

Patchstack’s disclosure of complete details for CVE-2024-25600 sheds light on the post-exploitation phase, where attackers deploy specific malware to disable security plugins like Wordfence and Sucuri. Additionally, IP addresses associated with most attacks are identified, contributing to the ongoing effort to mitigate risks and protect vulnerable websites. Wordfence’s confirmation of active exploitation underscores the severity of the situation, prompting urgent action among Bricks users to upgrade their themes immediately through the WordPress dashboard or manual updates.

In response to the escalating threat, administrators and website owners are strongly advised to prioritize the security of their Bricks Builder Theme installations by promptly updating to version 1.9.6.1. Failure to do so exposes websites to potential exploitation, data breaches, and unauthorized access. Heightened vigilance and proactive measures, including monitoring for suspicious activity and applying security patches promptly, are essential to safeguarding against evolving cyber threats in the WordPress ecosystem.

Reference:
  • 1.9.6.1 Changelog
  • Critical RCE Patched in Bricks Builder Theme
  • Bricks <= 1.9.6 – Unauthenticated Remote Code Execution
Tags: Bricks Builder ThemeCyber AlertCyber Alerts 2024Cyber RiskCyber threatCybersecurityFebruary 2024VulnerabilitiesWordpress
ADVERTISEMENT

Related Posts

Fake DocuSign Alerts Target Corporate Logins

Fake DocuSign Alerts Target Corporate Logins

May 28, 2025
Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

May 28, 2025
Fake DocuSign Alerts Target Corporate Logins

Microsoft Void Blizzard Cyber Threat Alert

May 28, 2025
GhostSpy Android Malware Full Device Control

FBI Warns Luna Moth Targets US Law Firms

May 27, 2025
GhostSpy Android Malware Full Device Control

Winos 4.0 Malware Spread Via Fake Installers

May 27, 2025
GhostSpy Android Malware Full Device Control

GhostSpy Android Malware Full Device Control

May 27, 2025

Latest Alerts

Microsoft Void Blizzard Cyber Threat Alert

Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

FBI Warns Luna Moth Targets US Law Firms

Winos 4.0 Malware Spread Via Fake Installers

GhostSpy Android Malware Full Device Control

Subscribe to our newsletter

    Latest Incidents

    Migos IG Hack Blackmails Solana Cofounder

    Tiffany & Co. Faces Data Breach Incident

    MathWorks Crippled by Ransomware Attack

    Everest Ransomware Leaks Coke Staff Data

    Adidas Data Breach Exposes Customer Contacts

    Semiconductor Firm AXT Hit by Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial