A critical vulnerability in a WordPress plugin under active attack, risking over 17,000 websites
A critical vulnerability in a WordPress plugin under active attack, risking over 17,000 websites
A zero-day vulnerability allows attackers to upload malicious files on e-commerce websites, eventually taking over their databases for customer information.
advertisement
(Image for representation: Reuters)
A new security risk has been discovered by the Threat Intelligence team at Wordfence.
The vulnerability affects a WordPress plugin that allows the upload of images and PDF files for products.
A threat report states that it is under active attack since January 30, 2021.
A new vulnerability has been found in a WordPress plugin that affects over 17,000 websites. The vulnerability is actively being exploited to collect customer information from these e-commerce sites.