Global CyberSecurity

Thousands of Sites with Popup Builder Compromised by Balada Injector

0

Published on 01/10/2024 – Last Updated on 01/11/2024 by OTC

On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3.

A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a freshly registered (December 13) domain specialcraftbox[.]com. At the current time of writing PublicWWW detects the injection on over 6,200 sites.

Continue reading Thousands of Sites with Popup Builder Compromised by Balada Injector at Sucuri Blog.

Sky Innovations Unleashed: Exploring American V-22 Osprey the Ultimate Tiltrotor Aircraft

Previous article

All You Need to Know About Tactical Capabilities of Russian T-90M Tank in Combat Operations Ukraine

Next article

You may also like

Comments

Comments are closed.