Hackers exploit bug in WordPress gift card plugin with 50K installs

Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000 websites.

YITH WooCommerce Gift Cards Premium is a plugin that website operators to sell gift cards in their online stores.

Exploiting the vulnerability, tracked as CVE-2022-45359 (CVSS v3: 9.8), allows unauthenticated attackers to upload files to vulnerable sites, including web shells that provide full access to the site.

CVE-2022-45359 was disclosed to the public on November 22, 2022, impacting all plugin versions up to 3.19.0. The security update that…


More Info

About mblog.my

Check Also

WordPress SEO Agency: How To Choose The Right SEO Agency

What if we told you that it’s possible for your WordPress website to show up …

Leave a Reply

Your email address will not be published. Required fields are marked *