25 September 19, 18:54
Quote:Site administrators still using the Rich Reviews plugin for WordPress are easy targets as hackers are currently exploiting an unpatched vulnerability for malvertising campaigns.
Although the plugin was removed for security reasons from the WordPress repository more than six months ago, it is estimated that 16,000 websites still have it running.
The plugin is vulnerable to unauthenticated plugin option updates and attackers are leveraging it to deliver stored cross-site scripting (XSS) payloads. The JavaScript is triggered by both website visitors and authenticated administrators.
According to researchers from Defiant, there are two issues permitting the attack. One is a lack of access controls for changing the plugin's options, and the other is not sanitizing the values of the options.
Read more here: https://www.bleepingcomputer.com/news/se...ss-plugin/
![[-]](https://www.geeks.fyi/images/collapse.png "[-]")
