Top Five Attacking IPs This Month: Their Locations May Not Be Where You Think

At Wordfence, we see large amounts of threat actor data, and often that data tells unexpected stories. Taking a look at just the top five attacking IP addresses over a 30 day period, you might be surprised to find out where these attacks are originating, and what they are doing. When most people...

The vulnerability of the `add_custom_font` function in the Tatsu Builder template editing plugin for WordPress website content management system allows a hacker to execute arbitrary code.

The vulnerability of the addCustomFont function in the Tatsu Builder template editing plugin for WordPress content management systems is related to the ability to download unlimited dangerous files. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by downloadi...

Tatsu Builder Plugin for WordPress < 3.3.13 Remote Code Execution

The WordPress Tatsu Builder Plugin installed on the remote host is affected by an unauthenticated remote code execution. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

Millions of Attacks Target Tatsu Builder Plugin

The Wordfence Threat Intelligence team has been tracking a large-scale attack against a Remote Code Execution vulnerability in Tatsu Builder, which is tracked by CVE-2021-25094 and was publicly disclosed on March 24, 2022 by an independent security researcher. The issue is present in vulnerable...

Exploit for Missing Authentication for Critical Function in Brandexponents Tatsu

Preauth RCE in Tatsu builder Wordpress plugin CVE-2021-25094...