A vulnerability in a little-known but used WordPress plugin is being used to steal users’ payment information by installing malicious code. Experts warn site owners against this danger.
Beware of the little-known WordPress plugin Dessky Snippets
The WordPress plugin Dessky Snippets allows site administrators to add custom PHP code to their sites. However, the plugin’s vulnerability is being used by attackers to install malware by looking for active installations on websites with online stores.
This attack, identified by cybersecurity research firm Sucuri, allows attackers to inject their own code by manipulating the WooCommerce checkout process. Sucuri researchers noted that this malicious code is saved in the dnsp_settings option in the WordPress wp_options table and modifies the checkout form, adding additional forms that ask customers for information such as name, address, credit card number, expiration date and CVV number.
It is also noteworthy that the autocomplete feature is disabled on these fake forms. Users do not receive any warning on these forms, even if autocomplete is turned on in their browser, and they have to fill in the fields manually. This keeps users unsuspecting and makes the forms look organized and like required information.
WordPress is targeted by cybercriminals because it is the most popular website building platform. However, because the platform is generally considered secure, attackers are turning their attention to less secure plugins and themes.
WordPress users should be careful when using unknown or little-known plugins on their sites and be on the lookout for vulnerabilities. Plugins used for payment processing are particularly attractive targets for cybercriminals, and such attacks can compromise users’ financial information.
The first step to improve security on your WordPress site is to make sure all the plugins and themes you use are up to date. It’s also important not to download plugins and themes from unreliable sources.
By running regular security scans and being aware of vulnerabilities, you can protect your site and your users. Remember, online security requires users to be careful and aware, not just software.