Advertisement
Top

Crooks exploit a zero-day in WordPress eCommerce Plugin to upload a backdoor

October 19, 2016

Via: Security Affairs
Category:

According to the experts from the firm White Fir Design, crooks exploited a zero-day flaw in an e-commerce plugin for WordPress to upload backdoors to affected websites.

The plugin is WP Marketplace, a plugin for the popular WordPress CMS that implements e-commerce features. The plugin is not so popular, it is installed on less than 500 websites worldwide and the bad news it that it is no longer maintained, so the security holes will never be patched. The WP Marketplace was not updated in the last 8 months and last week it was removed from the official WordPress Plugin Directory.

Read More on Security Affairs

RELATED PUBLICATIONS

ASEAN organizations dealing with growing cyber menace
Europol confirms incident following alleged auction of staff data
UK Ministry of Defense disclosed a third-party data breach exposing military personnel data 

Latest Publications

ASEAN organizations dealing with growing cyber menace
Europol confirms incident following alleged auction of staff data
Russia-linked APT28 targets government Polish institutions
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!