CSIRT Panam\u00e1 Aviso 2023-ene-31 – Malware para Linux afecta plugins de WordPress
Gravedad: media
Fecha de publicaci\u00f3n: enero 31, 2023
\u00daltima revisi\u00f3n: enero 31, 2023
https:\/\/blog.segu-info.com.ar\/2023\/01\/nuevo-malware-para-linux-afecta-plugins.html<\/p>\n\n\n\n
Sistemas Afectados:
Plugins de WordPress:<\/p>\n\n\n\n
WP Live Chat Support
Yuzo Related Posts (5.12.89)
Yellow Pencil Visual CSS Style Editor (< 7.2.0)
Easy WP SMTP (1.3.9)
WP GDPR Compliance (1.4.2)
Newspaper (CVE-2016-10972, 6.4 – 6.7.1)
Thim Core
Smart Google Code Inserter (discontinued as of January 28, 2022, < 3.5)
Total Donations (<= 2.0.5)
Post Custom Templates Lite (< 1.7)
WP Quick Booking Manager
Live Chat with Messenger Customer Chat by Zotabox (< 1.4.9)
Blog Designer (< 1.8.12)
WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233, 1.24.2)
WP-Matomo Integration (WP-Piwik)
ND Shortcodes (<= 5.8)
WP Live Chat (8.0.27)
Coming Soon Page and Maintenance Mode (<= 5.1.0)
Hybrid
Brizy
FV Flowplayer Video Player
WooCommerce
Coming Soon Page & Maintenance Mode
Onetone
Simple Fields
Delucks SEO
Poll, Survey, Form & Quiz Maker by OpinionStage
Social Metrics Tracker
WPeMatico RSS Feed Fetcher, and
Rich Reviews<\/p>\n\n\n\n
I. Descripci\u00f3n<\/p>\n\n\n\n
Varios sitios de WordPress est\u00e1n siendo atacados por una variedad de malware de Linux que aprovecha las fallas en m\u00e1s de dos docenas de complementos y temas para comprometer los sistemas vulnerables.<\/p>\n\n\n\n
II. Impacto<\/p>\n\n\n\n
“Si los sitios usan versiones desactualizadas de dichos complementos, que carecen de soluciones cruciales, las p\u00e1ginas web seleccionadas pueden ser inyectadas con JavaScripts maliciosos”, dijo el proveedor de seguridad ruso Doctor Web en un informe publicado la semana pasada. “Como resultado, cuando los usuarios hacen clic en cualquier \u00e1rea de una p\u00e1gina atacada, son redirigidos a otros sitios”.<\/p>\n\n\n\n
Los ataques implican armar una lista de vulnerabilidades de seguridad conocidas en 19 complementos y temas diferentes que probablemente est\u00e9n instalados en un sitio de WordPress, us\u00e1ndolo para implantar un script que puede apuntar a un sitio web espec\u00edfico para expandir a\u00fan m\u00e1s la red.<\/p>\n\n\n\n
III. Fuente<\/p>\n\n\n\n
Puede ver la nota completa en el sitio SEGURinfo.ar<\/p>\n\n\n\n
https:\/\/blog.segu-info.com.ar\/2023\/01\/nuevo-malware-para-linux-afecta-plugins.html<\/p>\n\n\n\n
IV. Informaci\u00f3n de contacto
CSIRT PANAMA
Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
E-Mail: info@cert.pa
Phone: +507 520-CERT (2378)
Web: https:\/\/cert.pa
Twitter: @CSIRTPanama
Facebook: http:\/\/www.facebook.com\/CSIRTPanama
Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"
CSIRT Panam\u00e1 Aviso 2023-ene-31 – Malware para Linux afecta plugins de WordPressGravedad: mediaFecha de publicaci\u00f3n: enero 31, 2023\u00daltima revisi\u00f3n: enero 31, 2023https:\/\/blog.segu-info.com.ar\/2023\/01\/nuevo-malware-para-linux-afecta-plugins.html Sistemas Afectados:Plugins de WordPress: WP Live Chat SupportYuzo Related Posts (5.12.89)Yellow Pencil Visual…<\/p>\n","protected":false},"author":4,"featured_media":846,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[14],"class_list":["post-3250","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-wordpress"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3250","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3250"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3250\/revisions"}],"predecessor-version":[{"id":3251,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3250\/revisions\/3251"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/846"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3250"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3250"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3250"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}