{"uuid": "429492a7-3f81-4e85-9023-04d2992a0dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28121", "type": "exploited", "source": "https://t.me/KomunitiSiber/501", "content": "Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites\nhttps://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html\n\nThreat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign.\nThe flaw, tracked as\u00a0CVE-2023-28121\u00a0(CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an", "creation_timestamp": "2023-07-18T09:35:19.000000Z"}