Vulnerability in WordPress Abused for Malware Campaign. Researchers from Zscaler have discovered the first malware campaign using a vulnerability in the Live Chat Support plugin.


The attackers injected a rogue script that redirects to other web pages, showing unwanted pop-ups.

A cross-site script vulnerability was recently discovered in the popular WordPress Live Chat Support plugin.

WordPress is a widely used content management system (CMS).

The vulnerability enables attackers to change plugin settings and insert malicious javascript code,

 where the Live Chat Support feature is displayed on a WordPress site.

Leave a Reply