PT-2024-2333 · WordPress · Bricks Builder
Snicco · Published 2024-02-10 · Updated 2026-01-05 · CVE-2024-25600
CVSS v3.1: 10.0 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Bricks Builder versions 1.9.6 and earlier
Description: A critical remote code execution vulnerability in Bricks Builder, a WordPress site builder shipped as a theme, allows unauthenticated attackers to execute arbitrary PHP code on installations running version 1.9.6 or earlier. The root cause is improper control of code generation (code injection, CWE-94): attacker-controlled input reaches a code path that is evaluated as PHP, and that path can be reached without authentication. The issue affects over 25,000 websites and is being actively exploited by threat actors.
Recommendations: For Bricks Builder version 1.9.6 and earlier, update to version 1.9.6.1 or later. The vendor's fix is available, so do not rely on workarounds. If the update cannot be applied immediately, take the theme out of use (switch the site to another theme) until it can, because the vulnerable code path is reachable by unauthenticated requests: restricting the builder to logged-in users or choosing strong passwords does not close it. Since the vulnerability is being actively exploited, treat any site that was exposed while running an affected version as possibly compromised: review administrator accounts, recently added or modified PHP files and scheduled tasks, and restore from a known-good backup if there is any sign of compromise. Security plugins or a web application firewall such as Wordfence or Sucuri add detection and blocking as a second layer but are not a substitute for the update; keep regular backups.
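As a concrete check to go with the update recommendation above, the script below walks a WordPress install, finds Bricks theme copies by their style.css header and reports whether each is below 1.9.6.1. It is an added example, not code from this advisory or from the Bricks vendor. It relies only on the standard WordPress theme header format (a "Theme Name:" / "Version:" block at the top of style.css, which WordPress reads from the first 8 KiB with a loose pattern that tolerates leading spaces, "*", "/", "#" or "@"); that the parent theme's header reads "Theme Name: Bricks" and that themes live under wp-content/themes is an assumption about a typical install. The sample style.css files it creates in demo mode are constructed for illustration.

```python
"""Flag Bricks Builder installs affected by CVE-2024-25600 (<= 1.9.6).

Added check, not from the advisory or the vendor.  Assumptions: the parent
theme's style.css header says 'Theme Name: Bricks', themes live under
wp-content/themes, and child themes carry a 'Template:' header (they are
skipped because the vulnerable code lives in the parent theme).
"""
import re
import sys
import tempfile
from pathlib import Path

FIXED_VERSION = "1.9.6.1"  # first release the advisory names as patched
HEADER_FIELDS = ("Theme Name", "Version", "Template")


def parse_theme_headers(style_css: str) -> dict:
    """Extract theme headers from style.css text into a dict with lower-cased keys."""
    headers = {}
    for field in HEADER_FIELDS:
        # Same loose prefix WordPress accepts before a header field name.
        m = re.search(r"^[ \t/*#@]*" + re.escape(field) + r":(.*)$",
                      style_css[:8192], re.IGNORECASE | re.MULTILINE)
        if m:
            # Drop a trailing '*/' (or '?>') and surrounding whitespace.
            headers[field.lower()] = re.sub(r"\s*(?:\*/|\?>).*", "", m.group(1)).strip()
    return headers


def version_key(version: str) -> tuple:
    """Numeric tuple for ordering; non-numeric suffixes such as '-beta' are ignored."""
    parts = []
    for piece in version.strip().split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def compare_versions(a: str, b: str) -> int:
    """-1, 0 or 1; '1.9.6' < '1.9.6.1' because missing trailing parts count as 0."""
    ka, kb = version_key(a), version_key(b)
    width = max(len(ka), len(kb))
    ka += (0,) * (width - len(ka))
    kb += (0,) * (width - len(kb))
    return (ka > kb) - (ka < kb)


def is_vulnerable(version: str) -> bool:
    """True for every release below the fixed version."""
    return compare_versions(version, FIXED_VERSION) < 0


def scan_themes(wp_root: str) -> list:
    """Report every parent Bricks theme found under wp_root/wp-content/themes."""
    findings = []
    themes_dir = Path(wp_root) / "wp-content" / "themes"
    if not themes_dir.is_dir():
        return findings
    for style in sorted(themes_dir.glob("*/style.css")):
        try:
            headers = parse_theme_headers(style.read_text(errors="replace"))
        except OSError:
            continue
        if "bricks" not in headers.get("theme name", "").lower():
            continue
        if headers.get("template"):
            continue  # child theme: inherits the parent's code, nothing of its own to check
        version = headers.get("version", "")
        findings.append({
            "path": str(style.parent),
            "version": version,
            # A missing version header is reported as vulnerable rather than silently skipped.
            "vulnerable": is_vulnerable(version) if version else True,
        })
    return findings


def build_demo_root() -> str:
    """Create a throwaway WordPress layout with constructed sample style.css files."""
    root = Path(tempfile.mkdtemp(prefix="wp-demo-"))
    samples = {  # constructed headers for the demo, not real theme files
        "bricks": "/*\nTheme Name: Bricks\nVersion: 1.9.6\n*/\n",
        "bricks-staging": "/*\n * Theme Name: Bricks\n * Version: 1.9.6.1 */\n",
        "bricks-child": "/*\nTheme Name: Bricks Child\nTemplate: bricks\nVersion: 1.0\n*/\n",
        "twentytwentyfour": "/*\nTheme Name: Twenty Twenty-Four\nVersion: 1.0\n*/\n",
    }
    for folder, css in samples.items():
        theme_dir = root / "wp-content" / "themes" / folder
        theme_dir.mkdir(parents=True)
        (theme_dir / "style.css").write_text(css)
    return str(root)


if __name__ == "__main__":
    # Usage: python check_bricks.py /var/www/html   (no argument: run on the demo layout)
    wp_root = sys.argv[1] if len(sys.argv) > 1 else build_demo_root()
    for f in scan_themes(wp_root):
        state = f"VULNERABLE, update to {FIXED_VERSION} or later" if f["vulnerable"] else "patched"
        print(f"{f['path']}: Bricks {f['version'] or '(no version header)'} -> {state}")
```

The version comparison pads the shorter string with zeros, which is what makes 1.9.6 sort below 1.9.6.1; a naive string comparison or a fixed three-part split would get that wrong. Child themes are skipped deliberately: their own "Version:" header says nothing about the parent code that carries the flaw.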

Tags: Exploit · Fix · RCE · Code Injection


Weakness Enumeration: CWE-94 (Improper Control of Generation of Code, 'Code Injection')

Related Identifiers: BDU:2024-02276, CVE-2024-25600

Affected Products: Bricks Builder