WordPress.Bricks.Plugin.Query.Loop.Command.Injection
Description
This indicates an attack attempt against a Remote Code Execution vulnerability in WordPress Bricks plugin.
The vulnerability is due to insufficient check on values being passed to a Bricks plugin builder. A remote attacker may be able to exploit this to execute arbitrary remote code within the context of the vulnerable server.
Affected Products
WordPress Bricks Plugin versions prior to 1.9.6.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://bricksbuilder.io/release/bricks-1-9-6-1/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-03-27 | 27.756 | Sig Added |
2024-03-20 | 27.752 | Default_action:pass:drop |
2024-03-14 | 27.749 |