Threat actors are scanning for sites running the Fancy Product Designer plugin to exploit a zero-day bug allowing them to upload malware.
Fancy Product Designer is a visual product configurator plugin for WordPress, WooCommerce, and Shopify, and it allows customers to customize products using their own graphics and content.
According to sales statistics for the plugin, Fancy Product Designer has been sold and installed on more than 17,000 websites.
Zero-day also impacts WooCommerce sites
Zero-days are publicly disclosed vulnerabilities vendors haven’t patched, which, in some cases, are…