The Balada Injector gang is actively exploiting vulnerabilities in tagDiv premium themes, such as the recently disclosed Unauthenticated Stored XSS vulnerability, to inject malware into websites.

Balada Injector Targets Unpatched tagDiv Plugin, Themes on WordPress Sites

The article discusses a recent wave of malware injections targeting websites that use the tagDiv Composer plugin with tagDiv premium themes Newspaper and Newsmag. The attacks exploit an Unauthenticated Stored XSS vulnerability in the plugin. The article provides details on different waves of the Balada Injector campaign, including the injected scripts and their functionality. The attackers aim to maintain control over compromised sites by uploading backdoors, adding malicious plugins, and creating rogue administrators. The article also highlights the evolving tactics of the Balada Injector gang and provides mitigation steps.

Back to Home


  • No comments yet.