all InfoSec news
PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild
Dec. 22, 2022, 5:30 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
The Wordfence Threat Intelligence team has been tracking exploits targeting a Critical Severity Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards Premium, a plugin with over 50,000 installations according to the vendor.
The vulnerability, reported by security researcher Dave Jong and publicly disclosed on November 22, 2022, impacts plugin versions up to and including 3.19.0 and allows unauthenticated attackers to upload executable files to WordPress sites running a vulnerable version of the plugin. This allows attackers to place a …
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Data & Security Engineer Lead
@ LiquidX | Singapore, Central Singapore, Singapore
IT and Cyber Risk Control Lead
@ GXS Bank | Singapore - OneNorth
Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F
@ Hifield | Sèvres, France
Cyber Security Analyst (Weekend 1st Shift)
@ Fortress Security Risk Management | Cleveland, OH, United States
Senior Manager, Cybersecurity
@ BlueTriton Brands | Stamford, CT, US