ACSC Releases Second Alert in Two Months as Unresolved CMS Vulnerabilities Persist in Being Abused


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

Brief Overview

  • ACSC has issued a second warning within two months concerning CMS vulnerabilities.
  • 17 vulnerabilities are being exploited on a global scale, impacting Australian SMEs.
  • Updates are provided for all identified vulnerabilities.
  • Administrators should verify for signs of infection.
  • Users of managed hosting should ask about monitoring for breaches.

ACSC’s Second CMS Warning in a Two-Month Span

Widespread Exploitation of Flaws

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has issued a second notification in a mere two months concerning flaws in content management systems (CMS). This warning highlights a global initiative exploiting 17 particular vulnerabilities, affecting websites run by small to medium-sized enterprises (SMEs) throughout Australia and beyond.

Vulnerabilities in Key CMS Systems

The vulnerabilities are present across various major CMS platforms, encompassing WordPress plugins, Craft CMS, MaxSite CMS, MetInfo CMS, and Joomla’s JCE editor. Several of these issues date back to 2024, demonstrating persistent security deficiencies that remain unresolved for numerous users.

Prior Notifications and Current Exploits

The recent alert follows an earlier warning from ACSC regarding the ClickFix campaign, which involved compromised WordPress sites that distributed the Vidar Stealer malware. In spite of available patches, the ACSC observes continued exploitation attempts on vulnerabilities such as CVE-2025-32432 in Craft CMS, which was initially exploited as a zero-day vulnerability.

Advice for Administrators and Hosting Companies

Administrators are encouraged to locate and address signs of compromise, such as webshells and harmful scripts, and to install all applicable security updates. The ACSC also recommends turning off vulnerable components if immediate patching is not achievable. Users of managed hosting services should engage with their providers to discuss how they monitor and handle exploitation efforts.

Conclusion

The latest alert from the ACSC emphasizes the ongoing risk presented by unpatched CMS vulnerabilities, impacting many Australian businesses. With updates readily available, prompt installations and proactive security strategies are crucial to protect against exploitation.

Reader questions

Frequently asked questions

Fast answers to the questions readers ask most about ACSC Releases Second Alert in Two Months as Unresolved CMS Vulnerabilities Persist in Being Abused.

Why did the ACSC send another alert in such a short time?

The ACSC identified persistent exploitation of existing vulnerabilities in CMS platforms, necessitating another alert to highlight the urgency of applying patches.

Which CMS platforms are impacted by these flaws?

The vulnerabilities impact platforms that include WordPress, Craft CMS, MaxSite CMS, MetInfo CMS, and Joomla’s JCE editor.

What actions should website administrators undertake?

Administrators should search for indicators of compromise, implement security updates, and disable vulnerable components if patches cannot be applied without delay.

How can businesses utilizing managed hosting guarantee their security?

Businesses should consult with their hosting providers regarding their monitoring methods and responses to active exploit attempts.

Are any vulnerabilities actively being exploited as zero-days?

Indeed, CVE-2025-32432 in Craft CMS was targeted as a zero-day prior to the patch release in April 2025.

Posted by Matthew Miller

Matthew Miller is a Brisbane-based Consumer Technology Editor at Techbest covering breaking Australia tech news.

Leave a Reply

Your email address will not be published. Required fields are marked *