Date | 2021-09-24 |
Type | JS injection |
See also | https://blog.nintechnet.com/wordpress-wp-dsgvo-tools-gdpr-plugin-patched-vulnerability-actively-exploited/ |
Target | WordPress |
Where | WordPress database (sp_dsgvo_integration_matomo) |
Vulnerability | WP DSGVO Tools (GDPR) <=3.1.22 Unauthenticated XSS |
Malware Domain | https://store.piterreceiver.ga/jsa/trim.js, https://steam.piterreceiver.ga/pm.php, https://store.piterreceiver.ga/track/go.php?//pm.php, https://white.belonnanotservice.ga/jpGvcN |
Malware Code | |
Malware Code |