Widespread Attack on WordPress Sites Targets Tatsu Builder Plug-in

18-May-22

Tatsu Builder, a no-code page builder WordPress plug-in, has a known remote code execution (RCE) bug that is actively being exploited, exposing up to 50,000 sites to takeover, according to researchers.

On March 24, a “widespread” assault aiming to exploit CVE-2021-25094 was officially revealed. Tatsu Builder’s premium and free editions are equally affected by the vulnerability. Read More…