Description
Thrive Themes published a security update on 25th March 2021 for recently discovered vulnerabilities in Thrive Suite. Despite these patches, attackers continue to exploit users who have not yet applied the updates. It is recommended that you take the necessary precautions by ensuring your products are always kept up to date.
Summary
Two vulnerabilities were discovered across the Thrive Legacy Themes and plugins, and patches were subsequently released on March 12. The flaws could be chained together to allow unauthenticated attackers to upload arbitrary files to vulnerable WordPress sites, leading to website compromise.
How it works
Attackers are using the Unauthenticated Option Update vulnerability to update an option in the database, which is then used by the Unauthenticated Arbitrary File Upload vulnerability to upload a malicious PHP file. The combination of these two vulnerabilities allows attackers to gain backdoor access to vulnerable sites and compromise them further.
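Because the end result of this chain is a PHP file placed where only media should be, one post-patch check administrators can run is a scan of the uploads tree for anything PHP-like. The script below is an added illustration written for this alert; it is not code from the advisory, from Thrive Themes or from the referenced article. It assumes a WordPress uploads directory (typically wp-content/uploads, an assumed path) and uses a constructed sample tree so it can be run offline.

```python
import re
import tempfile
from pathlib import Path

# File suffixes a typical PHP handler would execute. This list is an assumption
# for the example; tune it to the handlers enabled on the actual web server.
EXECUTABLE_SUFFIXES = {".php", ".php3", ".php4", ".php5", ".phtml", ".phar"}

# PHP open tags, checked in the file head regardless of extension, so a file
# disguised with an innocent name is still caught.
PHP_OPEN_TAG = re.compile(rb"<\?php|<\?=", re.IGNORECASE)


def suspicious_uploads(uploads_dir):
    """Scan uploads_dir recursively and return a sorted list of
    (relative_path, [reasons]) for files that have a PHP-executable suffix
    anywhere in their name (shell.php.jpg counts) or contain a PHP open tag."""
    root = Path(uploads_dir)
    findings = []
    for path in root.rglob("*"):
        if not path.is_file():
            continue
        reasons = []
        if any(s.lower() in EXECUTABLE_SUFFIXES for s in path.suffixes):
            reasons.append("php-extension")
        try:
            head = path.read_bytes()[:4096]
        except OSError:
            continue  # unreadable file: skip rather than abort the whole scan
        if PHP_OPEN_TAG.search(head):
            reasons.append("php-open-tag")
        if reasons:
            findings.append((path.relative_to(root).as_posix(), reasons))
    return sorted(findings)


def demo():
    """Build a constructed sample uploads tree in a temporary directory and
    scan it. Sample files are invented for the example; none is real malware."""
    with tempfile.TemporaryDirectory() as tmp:
        month = Path(tmp) / "2021" / "03"
        month.mkdir(parents=True)
        (month / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0JFIF")      # clean image
        (month / "shell.php").write_bytes(b"<?php echo 'hello'; ?>")      # PHP by name and content
        (month / "image.php.jpg").write_bytes(b"\xff\xd8\xff\xe0JFIF")  # double extension
        (month / "notes.txt").write_bytes(b"<?= 1 ?>")                   # PHP content, innocent name
        return suspicious_uploads(tmp)


if __name__ == "__main__":
    for rel, reasons in demo():
        print(f"{rel}: {', '.join(reasons)}")
```

Run it with the real uploads path in place of the temporary tree and review every hit; a legitimate uploads directory should produce none, and any file it does flag is a candidate for the backdoor described above and should be examined and removed alongside applying the vendor update.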
Solution
Below is a list of the updated versions:
For more information on these Thrive Themes updates you can follow this URL:
https://changelog.thrivethemes.com/
The Guyana National CIRT recommends that users and administrators review this alert and apply updates where necessary.
PDF Download: Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws.pdf
References
https://threatpost.com/active-exploits-wordpress-sites-thrive-themes/165013/