November 18, 2020 at 11:35AM

■■■□□ Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150,000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers.

These attacks use POST requests to admin-ajax.php and as such do not leave distinct log entries, though they will be visible Wordfence Live Traffic.