PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild
Tags
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malicious File - T1204.002
Show in Graph
Common Information
Type Value
UUID d5052105-adcd-459d-a63f-138ba3974acf
Fingerprint 89b018d3cd7dc6ed
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 22, 2022, 5:23 p.m.
Added to db Jan. 16, 2023, 3:49 p.m.
Last updated Nov. 8, 2024, 7:38 a.m.
Headline PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild
Title PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild
Detected Hints/Tags/Attributes 25/1/12
Source URLs
Redirection Url
Details Source https://www.wordfence.com/blog/2022/12/psa-yith-woocommerce-gift-cards-premium-plugin-exploited-in-the-wild/
URL Provider
Details Provider Source level domain
Details wordfence.com www.wordfence.com
Attributes
Details Type #Events CTI Value
Details CVE 6 
cve-2022-45359
Details Domain 1 
shell.prinsh.com
Details File 7 
admin-post.php
Details File 1 
kon.php
Details File 1 
1tes.php
Details File 8 
b.php
Details File 86 
admin.php
Details sha256 1 
1a3babb9ac0a199289262b6acf680fb3185d432ed1e6b71f339074047078b28c
Details sha256 1 
3c2c9d07da5f40a22de1c32bc8088e941cea7215cbcd6e1e901c6a3f7a6f9f19
Details sha256 1 
8cc74f5fa8847ba70c8691eb5fdf8b6879593459cfd2d4773251388618cac90d
Details IPv4 2 
103.138.108.15
Details IPv4 2 
188.66.0.135