Home | News | Sucuri Security News | Outdated Duplicator Plugin RCE Abused

Outdated Duplicator Plugin RCE Abused

Outdated Duplicator Plugin RCE Abused

We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file.

These cases are all linked to the same vulnerable software: WordPress Duplicator Plugin.

Versions lower than 1.2.42 of Snap Creek Duplicator plugin are vulnerable to a Remote Code Execution attack, where the malicious visitor is able to run any arbitrary code on the target site.

Continue reading Outdated Duplicator Plugin RCE Abused at Sucuri Blog.

https://blog.sucuri.net/?fwp_blog_categories=wordpress-security

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.