We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file.

These cases are all linked to the same vulnerable software: WordPress Duplicator Plugin.

Versions lower than 1.2.42 of Snap Creek Duplicator plugin are vulnerable to a Remote Code Execution attack, where the malicious visitor is able to run any arbitrary code on the target site.

Continue reading Outdated Duplicator Plugin RCE Abused at Sucuri Blog.

Via Sucuri.net