Plugins Added to Malicious Campaign

Plugins Added to Malicious CampaignWe continue to see an increase in the number of plugins attacked as part of a campaign that’s been active for quite a long time. Bad actors have added more vulnerable plugins to inject similar malicious scripts.

Plugins Added to the Attack

  • Download WP Inventory Manager (version <= 1.8.2)
  • Woocommerce User Email Verification.  (version <= 3.3.0  **Still Not Fixed**)

Attackers are trying to exploit vulnerable versions of these plugins.

Continue reading Plugins Added to Malicious Campaign at Sucuri Blog.

Source: Scuri check