Hackers have exploited a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 WordPress sites with malicious code. The flaw, tracked as CVE-2023-6000, affects Popup Builder version 4.2.3 and earlier versions. The primary purpose of the injections appears to be redirecting visitors of infected sites to malicious destinations such as phishing pages and malware-dropping sites. If infected, removal operations include deleting malicious entries from the Popup Builder’s custom section and scanning for hidden backdoors to prevent re-infection. At least 80,000 active sites using Popup Builder 4.1 or earlier versions are still at risk.
Read more at: www.bleepingcomputer.com