CVE-2024-6297 WordPress Plugin Backdoor
Summary#
Invicti detected an indicator suggesting that the scanned application was backdoored.
The detected payload was part of an attack on WordPress plugin maintainers and placed in various different WordPress plugins.
Impact#
An attacker can execute arbitrary commands on the system or run JavaScript code under the context of your web application.
Actions To Take#
- Remove the identified web backdoor from your web server.
- Ensure that all of the WordPress plugins on your website are up-to-date.
Classifications#