Vulnerability in WordPress Abused for Malware Campaign. Researchers from Zscaler have discovered the first malware campaign using a vulnerability in the Live Chat Support plugin.
The attackers injected a rogue script that redirects to other web pages, showing unwanted pop-ups.
A cross-site script vulnerability was recently discovered in the popular WordPress Live Chat Support plugin.
WordPress is a widely used content management system (CMS).
The vulnerability enables attackers to change plugin settings and insert malicious javascript code,
where the Live Chat Support feature is displayed on a WordPress site.