Security News > 2019 > May > Attackers are exploiting WordPress plugin flaw to inject malicious scripts
2019-05-30 11:28
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company has discovered 47 affected sites (some have been cleaned up in the meantime) but that number is unlikely to be final. The source of the compromise The stored cross-site script vulnerability vulnerability the attackers are exploiting was discovered by Sucuri researchers earlier this year and the plugin developers … More → The post Attackers are exploiting WordPress plugin flaw to inject malicious scripts appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/IXdih2_IEKk/