News BriefsMassive WooCommerce exploit underway

Massive WooCommerce exploit underway

Security response author Wordfence reports that attacks have escalated on the WooCommerce Payments plug-in, software used by many small business owners to manage payments on their ecommerce websites.

The attacks target a known vulnerablility, CVE-2023-28121, and began on July 14, 2023. Wordfence has catalogued a peak of 1.3 million attacks against 157,000 websites on July 16.

The exploit attempts to install the WP Console plug-in as a gateway to execute malicious code including a file uploader to establish persistence of the payload.

Read the full Wordfence report here.

🤞 Get connected!

A once weekly email notification of new stories on TechNewsTT. Just that. No spam.

Possible UI Glitch. Click top right corner to dismiss 👉

Get Connected!

A once weekly email notification of new stories on TechNewsTT.

Just that. No spam.

RELATED POSTS