WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites

2024-05-28 06:30

Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data. The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It has over 200 active installations.

News URL

https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html

#creditcard #ecommerce #wordpress

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Wordpress		49	36	409	104	29	578
Plugin		2	0	13	0	0	13

News URL

Related news

Related vendor