Wordpress

ThemeREX Addons – Remote Code Execution (0day, Being Exploited)

Published by Wordfence: 2020-02-18
No known CVE

“This flaw allows attackers to remotely execute code on a site with the plugin installed, including the ability to execute code that can inject administrative user accounts.
This vulnerability has not yet been patched. We are only trying to get the word out so people can remove the plugin temporarily as the vulnerability is being actively exploited. ”

Basefarm considers this a Base CVSS Score: 9.8 (Critical) – there is no fix and it is currently being actively exploited.

Basefarm has done some initial investigations regarding the use of this WordPress Theme, but has not identified any customers or internal usage. Basefarm has decided not to track this vulnerability further internally, but want to make it visible by posting this vulnerability bulletin.