Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign.
The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an Read More

The Hacker News | #1 Trusted Cybersecurity News Site

July 18, 2023

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an <a href="http://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html" target="_blank" class="feedzy-rss-link-icon" rel="noopener">Read More</a> The Hacker News | #1 Trusted Cybersecurity News Site

The Hacker News | #1 Trusted Cybersecurity News Site

About The Author

See author's posts

Related Stories

Bluetooth 6.1 enhances privacy with randomized RPA timing

ChatGPT is finally adding Download as PDF for Deep Research

Microsoft Teams will soon block screen capture during meetings