Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

18

Jul

2023

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

image credit: unsplash

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign.

The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an administrator, potentially leading to site takeover.

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

Categories

Featured

Archives

Latest Comments

About Us

Contact Us