Keumars Afifi-Sabet reports:
Attackers have been exploiting a flaw in a WordPress GDPR-compliance plugin to hijack vulnerable websites and implement remote code execution.
The flaw had been present in Wordfence’s GDPR Compliance plugin for at least four months and, ironically, allowed hackers to gain access to a site using the tool. Hackers could then execute any action and update any database value.
There are examples of live sites infected using this attack method, including instances of malicious actors installing several administrator accounts, according to WordPress threat analyst Mikey Veenstra.
Read more on Alphr.