Hackers are actively exploiting a critical vulnerability, tracked as CVE-2022-45359 (CVSS v3: 9.8), affecting the WordPress plugin YITH WooCommerce Gift Cards Premium.
YITH WooCommerce Gift Cards Premium is a WordPress plugin, installed on over 50,000 websites, that lets online stores sell gift cards.
The CVE-2022-45359 flaw is an Arbitrary File Upload issue that can allow an unauthenticated attacker to upload files to vulnerable sites, including web shells that provide full access to the site.
The issue was discovered on November 22, 2022, and was addressed with the release of version 3.20.0.
Because many websites are still running vulnerable versions of the plugin, threat actors are exploiting the flaw in the wild to upload backdoors to the affected e-stores.
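Two checks a site owner can run from the facts above: whether the installed plugin predates the fixing release 3.20.0, and whether server-executable files have landed in the uploads directory, which is where an arbitrary-upload web shell would end up. This is an added example, not code from the article or from Wordfence; the plugin directory name and the sample plugin header are assumptions.

```python
import os
import re

# Version that fixed CVE-2022-45359, as stated in the article.
PATCHED_VERSION = "3.20.0"
# Assumed plugin directory name; confirm the real slug on the site being audited.
PLUGIN_DIR = "yith-woocommerce-gift-cards-premium"
# Constructed sample of a WordPress plugin file header (not a real plugin file).
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: YITH WooCommerce Gift Cards Premium
 * Version: 3.19.0
 */
"""
# Extensions a typical web server will execute; none of them belong in uploads.
EXECUTABLE_EXT = re.compile(r"\.(php\d?|phtml|phar|phps)$", re.IGNORECASE)

def parse_version(version):
    """Turn '3.19.2' into (3, 19, 2) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in re.findall(r"\d+", version))

def plugin_version_from_header(header_text):
    """Read the 'Version:' field from a WordPress plugin header comment."""
    match = re.search(r"^\s*\*?\s*Version:\s*(\S+)", header_text, re.MULTILINE)
    return match.group(1) if match else None

def is_vulnerable(version):
    """True when the installed version predates the fixing release."""
    return parse_version(version) < parse_version(PATCHED_VERSION)

def suspicious_upload_paths(paths):
    """Filter upload paths down to files the web server would execute."""
    return sorted(p for p in paths if EXECUTABLE_EXT.search(p))

def find_php_in_uploads(uploads_dir):
    """Walk wp-content/uploads and report files that should not be executable there."""
    found = []
    for root, _dirs, files in os.walk(uploads_dir):
        found.extend(os.path.join(root, name) for name in files)
    return suspicious_upload_paths(found)

if __name__ == "__main__":
    # Demonstrates the version check on the constructed header, then scans a default path.
    version = plugin_version_from_header(SAMPLE_HEADER)
    state = "VULNERABLE" if is_vulnerable(version) else "patched"
    print(f"{PLUGIN_DIR} {version}: {state}")
    for path in find_php_in_uploads("wp-content/uploads"):
        print("executable file in uploads:", path)
```

On a real site, read the header from the plugin's main PHP file under wp-content/plugins and point the scan at that site's wp-content/uploads.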
“The Wordfence Threat Intelligence team has been tracking exploits targeting a Critical Severity Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards Premium, a plugin with over 50,000 installations according to the vendor,” reported Wordfence. “This allows attackers to place a back door, obtain Remote Code Execution, and take over the site.”