Skip to content
Tech News
← Back to articles

Australia warns of global campaign targeting vulnerable CMS platforms

read original more articles

The Australian Cyber Security Centre (ACSC) issued an alert about a global exploitation campaign targeting vulnerable content management systems (CMS) and plugins.

The government agency says that many Australian businesses have already been affected by the malicious activity, with webshells being deployed on their sites.

Webshells provide persistent access to the compromised sites and allow threat actors to disrupt services, steal credentials, plant additional malware, and move deeper into the network.

“A large-scale exploitation campaign is targeting various vulnerabilities in content management systems (CMS) globally, including in Australia, with many small- to medium-sized Australian businesses impacted,” the ACSC warns.

“As part of this campaign, malicious cyber actors are actively scanning websites for opportunities to deploy webshells, leveraging various vulnerabilities affecting CMS software and plugins.”

According to the agency, the activity leverages flaws in several CMS platforms and plugins, including WordPress, Craft CMS, MaxSite CMS, MetInfo CMS, and Joomla JCE. ACSC lists the following products exploited in the campaign:

Simple File List (WordPress) – CVE-2025-34085/CVE-2020-36847

WavePlayer (WordPress) – CVE-2025-12057

BerqWP (WordPress) – CVE-2025-7443

WPBookit (WordPress) – CVE-2025-7852

... continue reading