WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites


Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data.
The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It has over 200 active installations.







2024-05-28 06:30:00


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *