Bleeping Computer

Hackers exploiting critical WordPress WooCommerce Payments bug

Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation.
Infosecurity-magazine.com

Flaw Leads to RCE in WordPress Plugins, WooCommerce

A WordPress design flaw could grant an attacker remote code execution, leading to a privilege escalation in WooCommerce and other WordPress plugins, according to RIPS Technologies. In a 6 November ...