Versions (2)
Version DetailsCurrent
Rev: 1 • May 30, 2023, 12:00 PMET WEB_SPECIFIC_APPS Wordpress - Successful Check for Malicious posts-layout (post-layout Doppelganger) Plugin - Infected Web Server
alert http [$HOME_NET,$HTTP_SERVERS] any -> $EXTERNAL_NET any (msg:"ET WEB_SPECIFIC_APPS Wordpress - Successful Check for Malicious posts-layout (post-layout Doppelganger) Plugin - Infected Web Server"; flow:established,to_client; http.response_body; content:"3ad7c2ebb96fcba7cda0cf54a2e802f5"; fast_pattern; reference:url,blog.sucuri.net/2023/05/vulnerability-in-essential-addons-for-elementor-leads-to-mass-infection.html; classtype:web-application-activity; sid:2045883; rev:1; metadata:affected_product Wordpress, attack_target Web_Server, created_at 2023_05_30, deployment Perimeter, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Critical, updated_at 2023_05_30; target:src_ip;)
May 30, 2023, 12:00 PM
May 30, 2023, 12:00 PM
May 30, 2023, 10:00 PM
May 30, 2023, 10:00 PM
rules/emerging-web_specific_apps.rules