[ad_1]
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites.
Up to 50,000 websites are estimated to still run a vulnerable version of the plugin, although a patch has been available since early April.
Large attack waves started on May 10, 2022 and peaked four days later. Exploitation is currently ongoing.
Tatsu Builder is a popular plugin that offers powerful template editing features integrated right into the web browser.
The targeted vulnerability is CVE-2021-25094,…
More Info
