Backdoor in 93 AccessPress plugins and themes used on 360 thousand sites

Attackers managed to embed a backdoor in 40 plugins and 53 themes for the WordPress content management system developed by AccessPress, which claims that its add-ons are used on 360 thousand sites. The results of the incident analysis have not yet been published, but it is assumed that the malicious code was introduced during a compromise of the AccessPress website, by modifying the download archives of releases that had already been published. The backdoor is present only in code distributed through the official AccessPress website and is absent from the same releases of the add-ons distributed through the WordPress.org directory.

The malicious changes were discovered by a researcher at JetPack (a division of Automattic, the developer of WordPress) while examining malicious code found on a client's website. Analysis of the situation showed that the malicious changes were present in a WordPress add-on downloaded from the official AccessPress website. Other add-ons from the same developer had also been subjected to malicious modifications that allowed access to the site with administrator rights.

During the modification, the attackers added an "initial.php" file to the archives of the plugins and themes, which was pulled in through an "include" directive in the "functions.php" file. To cover their tracks, the malicious content in "initial.php" was disguised as a block of base64 data. The malicious insert, under the guise of fetching an image from the site wp-theme-connect.com, loaded the backdoor code directly into the file wp-includes/vars.php.
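A defender-side check for the file pattern described above, as an added example that is not code from the article, JetPack or AccessPress: it walks a wp-content tree and flags any "initial.php" that is included from a sibling "functions.php" or that carries a long base64 run. The 200-character threshold, the function names and the sample tree are assumptions made for the demonstration.

```python
import re
import tempfile
from pathlib import Path

# functions.php pulling in initial.php via include/require (any quoting, optional path prefix)
INCLUDE_RE = re.compile(
    r"""\b(?:include|require)(?:_once)?\b[^;]*['"][^'"]*initial\.php['"]""", re.I)
# A long unbroken base64 run (the 200-character threshold is an assumption)
B64_RE = re.compile(r"[A-Za-z0-9+/]{200,}={0,2}")


def scan_wp_content(wp_content):
    """Return (relative path, reasons) for each initial.php showing the described pattern."""
    findings = []
    for kind in ("themes", "plugins"):
        base = Path(wp_content) / kind
        if not base.is_dir():
            continue
        for initial in sorted(base.rglob("initial.php")):
            reasons = []
            funcs = initial.parent / "functions.php"
            if funcs.is_file() and INCLUDE_RE.search(funcs.read_text(errors="replace")):
                reasons.append("included from functions.php")
            if B64_RE.search(initial.read_text(errors="replace")):
                reasons.append("long base64 block")
            if reasons:
                findings.append((str(initial.relative_to(wp_content)), reasons))
    return findings


def demo():
    """Build a constructed tree: one clean theme and one showing the pattern."""
    root = Path(tempfile.mkdtemp())
    clean = root / "themes" / "clean-theme"
    bad = root / "themes" / "sample-theme"
    for d in (clean, bad):
        d.mkdir(parents=True)
    (clean / "functions.php").write_text("<?php add_action('init', 'setup');\n")
    (bad / "functions.php").write_text(
        "<?php include get_template_directory() . '/initial.php';\n")
    # Constructed placeholder blob, not the real payload
    (bad / "initial.php").write_text("<?php $d = '" + "QUJD" * 80 + "';\n")
    return scan_wp_content(root)


if __name__ == "__main__":
    for path, reasons in demo():
        print(path, "->", ", ".join(reasons))
```

The article also names wp-includes/vars.php as the file that received the backdoor code; that core file can be compared against the stock copy for the installed WordPress version, for example with `wp core verify-checksums`.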


The first sites containing malicious changes in AccessPress add-ons were identified in September 2021. It is assumed that this is when the backdoor was inserted into the add-ons. The first notification to AccessPress about the identified problem went unanswered, and AccessPress's attention was obtained only after the WordPress.org team was brought into the investigation. On October 15, 2021, the archives affected by the backdoor were removed from the AccessPress website, and new versions of the add-ons were released on January 17, 2022.

Sucuri separately examined sites on which the affected AccessPress versions were installed and found malicious modules, loaded through the backdoor, that sent spam and redirected visitors to fraudulent sites (the modules were dated 2019 and 2020). It is assumed that the authors of the backdoor were selling access to compromised sites.

Themes in which the backdoor modification was identified:

  • onye nnabata 1.0.0
  • accesspress-basic 3.2.1
  • accesspress-lite 2.92
  • accesspress-mag 2.6.5
  • accesspress-parallax 4.5
  • accesspress-ray 1.19.5
  • accesspress-root 2.5
  • accesspress-staple 1.9.1
  • accesspress-store 2.4.9
  • agency-lite 1.1.6
  • ngwa ngwa 1.0.6
  • ọnụ ọgụgụ 1.0.4
  • onye na-ede blọgụ 1.2.6
  • construction-lite 1.2.5
  • doko 1.0.27
  • mmuo 1.3.5
  • ụlọ ahịa ngwa ahịa 1.2.1
  • Foto 2.4.0
  • gaga-corp 1.0.8
  • gaga-lite 1.4.2
  • otu oghere 2.2.8
  • parallax-blog 3.1.1574941215
  • parallaxsome 1.3.6
  • 1.1.2
  • ntụgharị 1.3.1
  • 1.2.0
  • mpịakọta 2.1.0
  • Egwuregwu egwu egwu 1.2.1
  • ụlọ nkwakọba ihe 1.4.1
  • swing-lite 1.1.9
  • Onye nrụpụta 1.3.2
  • ụbọchị ụka 1.4.1
  • uncode-lite 1.3.1
  • unicon-lite 1.2.6
  • 1.2.7
  • vmagazine-lite 1.3.5
  • vmagazine-news 1.0.5
  • zigcy-baby 1.0.6
  • zigcy-cosmetics 1.0.5
  • zigcy-lite 2.0.9

Plugins in which the backdoor modification was identified:

  • accesspress-anonymous-post 2.8.0 2.8.1 1
  • accesspress-custom-css 2.0.1 2.0.2
  • accesspress-custom-post-type 1.0.8 1.0.9
  • accesspress-facebook-auto-post 2.1.3 2.1.4
  • accesspress-instagram-feed 4.0.3 4.0.4
  • accesspress-pinterest 3.3.3 3.3.4
  • accesspress-social-counter 1.9.1 1.9.2
  • accesspress-social-icons 1.8.2 1.8.3
  • accesspress-social-login-lite 3.4.7 3.4.8
  • accesspress-social-share 4.5.5 4.5.6
  • accesspress-twitter-auto-post 1.4.5 1.4.6
  • accesspress-twitter-feed 1.6.7 1.6.8
  • ak-menu-icons-lite 1.0.9
  • onye-otu 1.0.7 2
  • ap-contact-form 1.0.6 1.0.7
  • ap-custom-testimonial 1.4.6 1.4.7
  • ap-mega-menu 3.0.5 3.0.6
  • ap-pricing-tables-lite 1.1.2 1.1.3
  • apex-notification-bar-lite 2.0.4 2.0.5
  • cf7-store-to-db-lite 1.0.9 1.1.0
  • nkọwa-gbanyụọ-nweta 1.0.7 1.0.8
  • easy-side-tab-cta 1.0.7 1.0.8
  • everest-admin-theme-lite 1.0.7 1.0.8
  • everest-coming-soon-lite 1.1.0 1.1.1
  • everest-comment-rating-lite 2.0.4 2.0.5
  • everest-counter-lite 2.0.7 2.0.8
  • everest-faq-manager-lite 1.0.8 1.0.9
  • everest-gallery-lite 1.0.8 1.0.9
  • everest-google-places-reviews-lite 1.0.9 2.0.0
  • everest-review-lite 1.0.7
  • everest-tab-lite 2.0.3 2.0.4
  • everest-timeline-lite 1.1.1 1.1.2
  • inline-call-to-action-builder-lite 1.1.0 1.1.1
  • product-slider-for-woocommerce-lite 1.1.5 1.1.6
  • smart-logo-showcase-lite 1.1.7 1.1.8
  • smart-scroll-posts 2.0.8 2.0.9
  • smart-scroll-to-top-lite 1.0.3 1.0.4
  • total-gdpr-compliance-lite 1.0.4
  • total-team-lite 1.1.1 1.1.2
  • Onye na-ede akwụkwọ-igbe-lite 1.1.2 1.1.3
  • ụdị kacha-ewu-lite 1.5.0 1.5.1
  • woo-badge-designer-lite 1.1.0 1.1.1
  • wp-1-slider 1.2.9 1.3.0
  • wp-blog-manager-lite 1.1.0 1.1.2
  • wp-comment-designer-lite 2.0.3 2.0.4
  • wp-cookie-user-info 1.0.7 1.0.8
  • wp-facebook-review-showcase-lite 1.0.9
  • wp-fb-messenger-button-lite 2.0.7
  • wp-floating-menu 1.4.4 1.4.5
  • wp-media-manager-lite 1.1.2 1.1.3
  • wp-popup-banners 1.2.3 1.2.4
  • wp-popup-lite 1.0.8
  • wp-product-gallery-lite 1.1.1

Source: opennet.ru
