Analytics Story: WordPress Vulnerabilities
Description
This analytic story provides a collection of analytics that detect potential exploitation of WordPress vulnerabilities. The analytics are focused on the detection of known vulnerabilities in WordPress plugins and themes.
Why it matters
The following collection of analytics is focused on the detection of known vulnerabilities in WordPress plugins and themes.
Detections
Name | Technique | Type |
---|---|---|
WordPress Bricks Builder plugin RCE | Exploit Public-Facing Application | TTP |
Data Sources
Name | Platform | Sourcetype | Source |
---|---|---|---|
Nginx Access | N/A | nginx:plus:kv | /var/log/nginx/access.log |
References
- https://attack.mitre.org/techniques/T1190
- https://github.com/Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress/blob/main/exploit.py
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25600
- https://op-c.net/blog/cve-2024-25600-wordpresss-bricks-builder-rce-flaw-under-active-exploitation/
- https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html
Source: GitHub | Version: 1