WordPress Vulnerabilities
Description
This analytic story provides a collection of analytics that detect potential exploitation of WordPress vulnerabilities. The analytics are focused on the detection of known vulnerabilities in WordPress plugins and themes.
- Product: Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
- Datamodel: Web
- Last Updated: 2024-02-22
- Author: Michael Haag, Splunk
- ID: baeaee14-e439-4c95-91e8-aaedd8265c1c
Narrative
The following collection of analytics are focused on the detection of known vulnerabilities in WordPress plugins and themes. The analytics are focused on the detection of known vulnerabilities in WordPress plugins and themes.
Detections
| Name | Technique | Type |
|---|---|---|
| WordPress Bricks Builder plugin RCE | Exploit Public-Facing Application | TTP |
Reference
- https://attack.mitre.org/techniques/T1190
- https://github.com/Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress/blob/main/exploit.py
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25600
- https://op-c.net/blog/cve-2024-25600-wordpresss-bricks-builder-rce-flaw-under-active-exploitation/
- https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html
source | version: 1