Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress Super Socialat backdoor plugin - Vulnerability Database

WordPress Super Socialat backdoor plugin

Description

After a WordPress website is compromised, some attackers install a fake backdoor WordPress plugin to maintain access to the compromised website. This plugin is called Super Socialat and can be used to execute arbitrary PHP code.

The backdoor is present in the file /wp-content/plugins/super-socialat/super_socialat.php.

Remediation

Remove the Super Socialat backdoor plugin by deleting the file <strong>/wp-content/plugins/super-socialat/super_socialat.php</strong>.

References

Fake Super Socializer Plugin

Related Vulnerabilities

Cisco IOS XE Web UI Implant (CVE-2023-20198) Critical
Common tags: Code Execution Malware
Check for apache versions up to 1.3.25, 2.0.38 High
Common tags: Code Execution
Drupal Core 6.x Remote Code Execution (6.0 - 6.38) High
Common tags: Code Execution
Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.4.8) High
Common tags: Code Execution
Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9) High
Common tags: Code Execution

Severity

High

Classification

CWE-94
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Code Execution
Malware