Embedded malicious code (backdoor) in wpdefault - #VU25674
Published: February 28, 2020
Vulnerability identifier: #VU25674
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: N/A
CWE-ID: CWE-506
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: wpdefault
Affected software:
wpdefault
wpdefault
Detailed vulnerability description
The vulnerability allows a remote attacker to skim payment data from Woocommerce stores.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor) within the "wpdefault.php" file that allows a remote attacker to gain unauthorized access to the application.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.