Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Filter by Categories

WordPress Plugin Flaw Leads to 3,300 Sites Hacked

In January, Sucuri researchers discovered the Balada Injector malware affecting over 7,100 WordPress sites via a Popup Builder plugin vulnerability. This campaign, starting December 13, exploited the flaw (CVE-2023-6000, CVSS 8.8) in earlier Popup Builder versions. Recently, over 3,300 websites fell victim to this issue, with Sucuri’s SiteCheck finding Balada Injector on 1,170 sites.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.