OneTone Vulnerability Leads to JavaScript Cookie Hijacking
A vulnerability in the discontinued WordPress theme OneTone has been added to an ongoing campaign that is targeting vulnerable WordPress websites and causes malicious redirects through domains like ischeck[.]xyz.
This specific wave uses the XSS vulnerability to inject malicious JavaScript and redirect visitors to the attacker’s landing page. The malware also detects and leverages existing admin user sessions to create a new admin user for later use as a backdoor.
Continue reading OneTone Vulnerability Leads to JavaScript Cookie Hijacking at Sucuri Blog.
Read more: OneTone Vulnerability Leads to JavaScript Cookie Hijacking
Story added 15. April 2020, content source with full text you can find at link above.