{"id":264258,"date":"2022-07-18T13:19:29","date_gmt":"2022-07-18T15:19:29","guid":{"rendered":"https:\/\/teknomers.com\/fr\/les-experts-remarquent-une-augmentation-soudaine-de-lexploitation-de-la-vulnerabilite-du-plugin-wordpress-page-builder\/"},"modified":"2022-07-18T13:19:29","modified_gmt":"2022-07-18T15:19:29","slug":"les-experts-remarquent-une-augmentation-soudaine-de-lexploitation-de-la-vulnerabilite-du-plugin-wordpress-page-builder","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/les-experts-remarquent-une-augmentation-soudaine-de-lexploitation-de-la-vulnerabilite-du-plugin-wordpress-page-builder\/","title":{"rendered":"Les experts remarquent une augmentation soudaine de l&#8217;exploitation de la vuln\u00e9rabilit\u00e9 du plugin WordPress Page Builder"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><img decoding=\"async\" alt=\"Vuln\u00e9rabilit\u00e9 du plugin WordPress Page Builder\" border=\"0\" data-original-height=\"380\" data-original-width=\"728\" src=\"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEj4WuUC3haaVbYFtmS3jsM_B2zWoMB-eI1Wqx1SN3caDiTOIXyFr-Czb5GIEzrivkVcn40u7WXaspJRjXd0j6dvzWfhNd3EJWdKgkjLAItCY_-mspdbfclNrTZNBmHP2wcYbRmlirCGYwmQKq7n-njyHGWBCwPwfD-LrpdqwhGgGd61WscWuDzSJF7L\/s728-e1000\/wordpress.jpg\" title=\"Vuln\u00e9rabilit\u00e9 du plugin WordPress Page Builder\"\/><\/div>\n<p>Les chercheurs de Wordfence ont <a rel=\"nofollow noopener\" href=\"https:\/\/www.wordfence.com\/blog\/2022\/07\/attacks-on-modern-wpbakery-page-builder-addons-vulnerability\/\" target=\"_blank\">sonn\u00e9<\/a> l&#8217;alarme concernant un pic &#8220;soudain&#8221; de cyberattaques tentant d&#8217;exploiter une faille non corrig\u00e9e dans un plugin WordPress appel\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/codecanyon.net\/item\/kaswara-modern-visual-composer-addons\/19341477\" target=\"_blank\">Modules Kaswara Modern WPBakery Page Builder<\/a>.<\/p>\n<p>Suivi comme <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-24284\" target=\"_blank\">CVE-2021-24284<\/a>le probl\u00e8me est not\u00e9 10.0 sur le syst\u00e8me de notation des vuln\u00e9rabilit\u00e9s CVSS et concerne un t\u00e9l\u00e9chargement de fichier arbitraire non authentifi\u00e9 qui pourrait \u00eatre abus\u00e9 pour obtenir l&#8217;ex\u00e9cution de code, permettant aux attaquants de prendre le contr\u00f4le des sites WordPress concern\u00e9s.<\/p>\n<p>Bien que le bogue ait \u00e9t\u00e9 \u00e0 l&#8217;origine <a rel=\"nofollow noopener\" href=\"https:\/\/www.wordfence.com\/blog\/2021\/04\/psa-remove-kaswara-modern-wpbakery-page-builder-addons-plugin-immediately\/\" target=\"_blank\">divulgu\u00e9<\/a> en avril 2021 par la soci\u00e9t\u00e9 de s\u00e9curit\u00e9 WordPress, il reste \u00e0 ce jour non r\u00e9solu.  Pour aggraver les choses, le plugin a \u00e9t\u00e9 ferm\u00e9 et n&#8217;est plus activement maintenu.<\/p>\n<p>Wordfence, qui prot\u00e8ge plus de 1 000 sites Web sur lesquels le plugin est install\u00e9, a d\u00e9clar\u00e9 avoir bloqu\u00e9 en moyenne 443 868 tentatives d&#8217;attaque par jour depuis le d\u00e9but du mois.<\/p>\n<div class=\"separator\" style=\"clear: both;\"><img decoding=\"async\" alt=\"Vuln\u00e9rabilit\u00e9 du plugin WordPress Page Builder\" border=\"0\" data-original-height=\"456\" data-original-width=\"728\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/07\/Les-experts-remarquent-une-augmentation-soudaine-de-lexploitation-de-la.jpg\" title=\"Vuln\u00e9rabilit\u00e9 du plugin WordPress Page Builder\"\/><\/div>\n<p>Les attaques ont \u00e9man\u00e9 de 10 215 adresses IP, la majorit\u00e9 des tentatives d&#8217;exploitation \u00e9tant r\u00e9duites \u00e0 10 adresses IP.  Celles-ci impliquent le t\u00e9l\u00e9chargement d&#8217;une archive ZIP contenant un fichier PHP malveillant qui permet \u00e0 l&#8217;attaquant de t\u00e9l\u00e9charger des fichiers malveillants sur le site Web infect\u00e9.<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/crowdsec-tour-d\" target=\"_blank\" title=\"CyberSecurity\"><img loading=\"lazy\" decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/07\/1658157569_685_Les-experts-remarquent-une-augmentation-soudaine-de-lexploitation-de-la.jpg\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Le but de la campagne, semble-t-il, est d&#8217;ins\u00e9rer du code dans des fichiers JavaScript par ailleurs l\u00e9gitimes et de rediriger les visiteurs du site vers des sites Web malveillants.  Il convient de noter que les attaques ont \u00e9t\u00e9 suivies par Avast et Sucuri sous les noms Parrot TDS et NDSW, respectivement.<\/p>\n<p>Entre 4 000 et 8 000 sites Web auraient le plugin install\u00e9, ce qui rend imp\u00e9ratif que les utilisateurs le suppriment de leurs sites WordPress pour contrecarrer les attaques potentielles et trouver une alternative appropri\u00e9e.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/07\/experts-notice-sudden-surge-in.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Les chercheurs de Wordfence ont sonn\u00e9 l&#8217;alarme concernant un pic &#8220;soudain&#8221; de cyberattaques tentant d&#8217;exploiter une faille non corrig\u00e9e dans un plugin WordPress appel\u00e9 Modules Kaswara Modern WPBakery Page Builder. Suivi comme CVE-2021-24284le probl\u00e8me est not\u00e9 10.0 sur le syst\u00e8me de notation des vuln\u00e9rabilit\u00e9s CVSS et concerne un t\u00e9l\u00e9chargement de fichier arbitraire non authentifi\u00e9 qui [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[6330,41305,4168,4158,4165,4161,692,4157,4159,4171,4170,65,14592,4167,4160,4163,4162,4324,51599,7496,4172,4169,10048,196,4166,3667,4164,51600],"class_list":["post-264258","post","type-post","status-publish","format-standard","hentry","category-technologie","tag-augmentation","tag-builder","tag-comment-pirater","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-experts","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-lexploitation","tag-logiciel-malveillant-de-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-page","tag-plugin","tag-remarquent","tag-securite-informatique","tag-securite-internet","tag-soudaine","tag-une","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/264258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=264258"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/264258\/revisions"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=264258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=264258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=264258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}