WordPress Bricks Builder, a popular site building plugin and WordPress theme, is being actively targeted by hackers due to a critical vulnerability that allows unauthenticated attackers to perform remote code execution (RCE). The Bricks plugin vulnerability, tracked as CVE-2024-25600, “means that anybody can run arbitrary commands and take over the site/server,” according to WordPress development and security company Snicco, which discovered the bug.

Source: SC Magazine