A critical Remote Code Execution (RCE) vulnerability discovered in the Bricks Builder theme for WordPress has exposed over 25,000 websites, necessitating an urgent security update.
The flaw, identified as CVE-2024-25600, was found by security researcher ‘snicco’ and reported to the Patchstack bug bounty program.
WordPress Bricks Theme RCE Vulnerability The vulnerability impacts all versions of the Bricks Builder theme up to 1.9.6, enabling unauthenticated attackers to execute arbitrary PHP code on the server.
Hackers could gain complete control of a site without needing user credentials. The severity of this RCE vulnerability has been rated 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS), indicating a critical level of risk.
A majority of the attacks originate from the following IP addresses:
- 200.251.23[.]57
- 92.118.170[.]216
- 103.187.5[.]128
- 149.202.55[.]79
- 5.252.118[.]211
- 91.108.240[.]52
Impact and Exploitation The Bricks Builder theme is a popular WordPress development tool that allows users to create high-performance websites without needing to code. However, the discovery of this vulnerability has led to active exploitation, with attackers running malicious PHP code on vulnerable sites.
Patchstack reported that exploitation attempts began on February 14, just days after the vulnerability was disclosed. Wordfence also confirmed the active exploitation, detecting multiple attacks.
The Bricks team promptly responded to the disclosure, releasing a security patch with version 1.9.6.1 on February 13, 2024. The update addressed the root cause of the vulnerability and is available as a one-click update.
Website administrators using the Bricks Builder theme are strongly advised to update to the latest version immediately to mitigate potential exploits. It is also recommended to check for signs of compromise even after updating, as attackers may have exploited the vulnerability before the patch was applied.
Recommendations for Users All users are highly recommended to upgrade to Bricks version 1.9.6.1 as soon as possible. This latest version includes critical security patches and bug fixes, enhancing overall system stability and performance. Failure to update may result in potential system vulnerabilities and data breaches. Please take action immediately to safeguard the safety and integrity of your system.
