Advertisement
Top
image credit: Pexels

Thousands of WordPress sites hit by gift card plugin flaw

December 27, 2022

Via: TechRadar
Category:

Thousands of WordPress websites were found using a vulnerability add-on that allows threat actors to take over the site entirely.

Researchers uncovered a critical flaw in YITH WooCommerce Gift Cards Premium, an add-on for the website builder providing an interface to build gift cards on WordPress sites, which is reportedly being used by more than 50,000 websites.

The flaw itself is an unauthenticated arbitrary file upload vulnerability, allowing crooks, among other things, to upload web shells and gain full access to the target website.

Read More on TechRadar

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!