Vulnerability Bulletins

Vulnerability Exposes Over 4 Million Sites Using WPBakery

System information
   
Affected software Wordpress

Description
On July 27th, our Threat Intelligence team discovered a vulnerability in WPBakery, a WordPress plugin installed on over 4.3 million sites. This flaw made it possible for authenticated attackers with contributor-level or above permissions to inject malicious JavaScript in posts. We initially reached out to the plugin’s team on July 28, 2020 through their support […]

More info:

https://www.wordfence.com/blog/2020/10/vulnerability-exposes-over-4-million-sites-using-wpbakery/

Standar resources
Property Value
CVE

Version history
Version Comments Date
1.0 Advisory issued 2020-10-09
Ministerio de Defensa
CNI
CCN
CCN-CERT