all InfoSec news
Active Exploitation of WooCommerce Payments Improper Authentication Vulnerability (CVE-2023-28121)
July 31, 2023, 1:29 a.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
WooCommerce Payments is a popular e-commerce payment plugin for WordPress designed for small to large-sized online merchants using WordPress. According to Woo, the plugin has over 600,000 active installations.
What is the Attack?
CVE-2023-28121 is an authentication bypass vulnerability affecting the WooCommerce Payments plugin version 4.8.0 through 5.6.1. Successful exploitation of the vulnerability could allow an unauthorized attacker to gain admin privileges on the WordPress websites installed with the vulnerable version of the plugin enabled.
According …
attack authentication authentication bypass bypass bypass vulnerability commerce cve cve-2023-28121 e-commerce exploitation large payment payments plugin popular version vulnerability what is woocommerce woocommerce payments woocommerce payments plugin wordpress
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
GitLab Password Reset Vulnerability (CVE-2023-7028)
1 day, 11 hours ago |
fortiguard.fortinet.com
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
3 days, 13 hours ago |
fortiguard.fortinet.com
XZ Utils Supply Chain Attack (CVE-2024-3094)
1 month, 1 week ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
GCP Incident Response Engineer
@ Publicis Groupe | Dallas, Texas, United States
DevSecOps Engineer - CL - Santiago
@ Globant | Santiago de Chile, Santiago, CL
IT Security Analyst - State Government & Healthcare
@ NTT DATA | Little Rock, AR, US
Exploit Developer
@ Peraton | Fort Meade, MD, United States
Senior Manager, Response Analytics & Insights (Fraud Threat Management)
@ Scotiabank | Toronto, ON, CA, M3C0N5
Cybersecurity Risk Analyst IV
@ Computer Task Group, Inc | Buffalo, NY, United States