all InfoSec news
Thousands of Sites with Popup Builder Compromised by Balada Injector
Sucuri Blog blog.sucuri.net
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3.
A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a freshly registered (December 13) domain specialcraftbox[.]com. At the current time of writing PublicWWW detects the injection on over 6,200 sites.
Continue reading Thousands of …
balada balada injector black hat tactics builder campaign compromised december hacked websites injector installation malware obfuscation plugin popular popup redirects research stored xss version vulnerability website malware infections websites wordpress plugins and themes wordpress security wpscan xss