Hackers are creating backdoor accounts and cookie files on WordPress sites running OneTone


Image via The Creative Exchange

Hackers are actively targeting WordPress sites running the OneTone theme to exploit a vulnerability that allows them to read and write site cookies and create backdoor admin accounts.

The campaign has been going since the start of the month, and it’s still underway.

The vulnerability is a cross-site scripting (XSS) bug in OneTone, a popular but now…


More Info

About mblog.my

Check Also

WordPress Considers Dropping Support for IE 11

High Maintenance for Developers Downsides of Dropping Support WordPress is Seeking Feedback Citation WordPress announced …