Threat actors are actively exploiting a critical vulnerability in the WooCommerce Payments plugin for WordPress, which has over 600,000 active installations. The flaw, tracked as CVE-2023-28121, allows attackers to compromise an administrator’s account and take control of vulnerable websites. Large-scale attacks began on July 14, 2023, and have peaked at 1.3 million attacks against 157,000 sites on July 16, 2023. The attackers use various methods, including installing the WP Console plugin to execute malicious code and establish persistence. Administrators are urged to update the plugin to version 5.6.2 to prevent further exploitation.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.