Security News > 2024 > May > WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites

WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
2024-05-28 06:30

Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data. The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It has over 200 active installations.


News URL

https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 93 44 18 157
Plugin 2 0 13 1 0 14