OneTone Vulnerability Leads to JavaScript Cookie Hijacking

OneTone Vulnerability Leads to JavaScript Cookie Hijacking

A vulnerability in the discontinued WordPress theme OneTone has been added to an ongoing campaign that is targeting vulnerable WordPress websites and causes malicious redirects through domains like ischeck[.]xyz.

This specific wave uses the XSS vulnerability to inject malicious JavaScript and redirect visitors to the attacker’s landing page. The malware also detects and leverages existing admin user sessions to create a new admin user for later use as a backdoor.

Continue reading OneTone Vulnerability Leads to JavaScript Cookie Hijacking at Sucuri Blog.

Via Sucuri.net

Tags: , , ,