ET WEB_SERVER Possible Custom Content Type Manager WP Backdoor Access

SID: 2022596Rev: 40 views
History
Sourceet/open
CreatedMarch 7, 2016
UpdatedJune 24, 2020
Classificationtrojan-activity
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Custom Content Type Manager WP Backdoor Access"; flow:established,to_server; http.uri; content:"/plugins/custom-content-type-manager/auto-update.php"; fast_pattern; nocase; reference:url,blog.sucuri.net/2016/03/when-wordpress-plugin-goes-bad.html; classtype:trojan-activity; sid:2022596; rev:4; metadata:created_at 2016_03_07, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_06_24;)

References

urlblog.sucuri.net/2016/03/when-wordpress-plugin-goes-bad.html

Metadata

created at2016_03_07
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2020_06_24

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!