The critical vulnerability, tracked as CVE-2021-24284, allows an unauthenticated threat actor to inject malicious Javascript code into sites using any version of the plugin, resulting in a complete site takeover. Additionally, a trojan malware called NDSW is deployed that will redirect visitors to phishing and harmful advertising pages by injecting malicious code into legitimate Javascript files.[/vc_column_text][vc_empty_space height=”15px”][vc_single_image image=”12490″ img_size=”full” add_caption=”yes” alignment=”center”][vc_column_text]Due to the low probability of getting an update, it is recommended that the plugin be removed from use immediately, and alternatives should be found.
In addition, even if the plugin is not used, it is recommended that the IP addresses detected in the attack campaign be blocked from the security devices in use.[/vc_column_text][vc_empty_space][/vc_column][/vc_row]