![Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites](https://search.ai.wiki/wp-content/uploads/2023/07/cybercriminals-exploiting-woocommerce-payments-plugin-flaw-to-hijack-websites.jpg)
Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites
Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign.
The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an