Balada Injector continues to infect thousands of WordPress sites
Security Affairs
JANUARY 15, 2024
The Balada injector is a malware family that has been active since 2017. On December 11, 2023 WPScan published a report on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was addressed in version 4.2.3. The malware supports multiple attack vectors and persistence mechanisms.
Let's personalize your content