On March 23, 2021, the Wordfence Threat Intelligence Team discovered two recently patched vulnerabilities being actively exploited in Thrive Theme’s “Legacy” Themes and Thrive Theme plugins that were chained together to allow unauthenticated attackers to upload arbitrary files on vulnerable WordPress sites. They estimate that more than 100,000 WordPress sites are using Thrive Theme products that may still be vulnerable.
Patches for the vulnerable themes and plugins were released on March 12, 2021. Wordfence is seeing these vulnerabilities actively exploited in the wild and urges users to update immediately to the latest available versions, which contain a patch for these vulnerabilities.
Update from March 26:
Active Exploitation Continues on Unpatched Thrive Themes