Security researchers have detected a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files without authentication.
The attackers are targeting the Kaswara Modern WPBakery Page Builder, which has been abandoned by its author before receiving a patch for a critical severity flaw tracked as CVE-2021-24284.
While the size of the campaign is impressive, with 1,599,852 unique sites being targeted, only a small portion of them are running the vulnerable plugin.
Researchers at Defiant, the maker of the Wordfence security solution for WordPress, observed an average of almost half a million attack attempts per day against customer sites they protect.
Indistinct large-scale attacks
Based on Wordfence telemetry data, the attacks started on July 4 and continue to this day. and are still ongoing today at an average of 443,868 attempts every day.