The vulnerability is a flaw in the way the web shell works, which allows attackers to upload files to unprotected websites. This flaw can be exploited by attackers who have access to a web shell that gives full access to the website.
On 22 November 2022, a vulnerability called CVE-2022-45359 was made public. This vulnerability affects all versions of the plugin up to and including version 3.19.0, and the critical flaw was addressed in version 3.20.0. However, the people behind the plugin have already released version 3.21.0, which is recommended for users of the Gift card premium plugin to update. ..
Many people have not upgraded to the latest version of their computer, which makes it vulnerable to hackers. The hackers have already built a working method to attack them.
Wordfence has released a security bulletin that warns of an exploit that allows attackers to gain code execution and access to websites. The exploit is already underway, and the attackers are using it to obtain backdoors and start takeover attacks.
Wordfence discovered an exploit that was used in the attacks and they found that the vulnerability was in the plugin’s “import_actions_from_settings_panel,” a function that runs on the “admin_init” hook. Also, this function doesn’t perform CSRF (Cross-Site Request Forgery) or capable checks on vulnerable versions.
Android malware is stealing bank websites and crypto exchanges’ data, according to a new study. The malware is disguised as an app from a popular store, such as Google Play, and it steals user data including login credentials and other personal information. The study found that the malware was active on more than 100 banks and crypto exchanges in the past two months. It’s not clear how the malware got into these institutions’ systems, but it’s possible that it was downloaded from a malicious website or downloaded through an infected computer. If you’re concerned about your bank website or crypto exchange being affected by Android malware, you should take steps to protect yourself by installing security patches and/or using anti-virus software. You can also check to see if your institution has been included in a recent study of Android malware victims released by Google.
The attackers are using the framework wp_admin_post to upload a malicious PHP executable on the website.
Wordfence is a security software company that offers a yith_wocommerece_gift_cards_panel_a_ywgc_safe_submit_field set to importing_gift_cards and a payload in the file_import_csv file parameters added Wordfence.
The website owner is under attack and is requesting unusual POST requests from an unknown IP address. This indicates that the website is under attack and may need help to stay online.
Wordfence saw these files.
Wordfence believes that the attacks that majority of the attacks happened in November before the plugin admin could path the critical flaw. In addition to this, Wordfence has observed a second wave of attacks on December 14, 2022.
This IP address was the source of the attack that launched 19,604 exploitation attempts at 10,936 websites and the second IP address used is 188.66.0.135, which performed 1,220 attacks against 908 WordPress websites.
The latest version of the YTTH Gift card premium plugin is recommended for users of the site, as exploration of the site’s pages has continued to be a problem.
A hacker group known as Muddy Water has been using compromised corporate emails to send phishing messages to unsuspecting victims. The group has been active for over a year, and has reportedly stolen millions of dollars from businesses across the globe. ..