The Wordfence Threat Intelligence team discovered a severe zero-day vulnerability in Kaswara Modern WPBakery Page Builder Addons, a premium plugin with 10,000+ installations, that is being actively exploited. “Robin Goodfellow” reported the vulnerability to WPScan this morning.
Unauthenticated attackers can exploit the vulnerability by uploading malicious PHP files to a WordPress site and then gaining remote code execution to take control of the site. At the time of posting, there is no known patch, and the plugin has been removed from CodeCanyon.
Wordfence recommends deleting this plugin from your WordPress site right away.
Moments ago, the Wordfence Threat Intelligence team posted an advisory recommending removal of the Kaswara Modern WPBakery Page Builder Addons plugin due to active exploitation of a 0day vulnerability in this premium plugin. https://t.co/ny67ryEApW — Wordfence (@wordfence) April 21, 2021
“Due to the developer’s unresponsiveness, a patch may not be released, in which case we recommend finding a reasonable replacement that is being actively maintained by its developer,” Wordfence said in a blog post.