![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLxje8058n4vg7HoH8llmYc-UuLKcytfRFIYL4lAZ1wdjww37rhjkLR8jnZ7vtxEKzGZZoXZs1y8mcNcQRQS60LvIrjIuq769CyQX_24gcUFMqt6Xt5HrONilXG_lo4ESjnq8ao3nGoD7JemTrGZy9cBDsKIcXiNAb6QiTxn8Ug0HWLGvK7aaGmfwbK-z_/s1600/hacking.jpg)
Threat hunters have discovered a rogue WordPress plugin that’s capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information.
The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri.
“As with many other malicious or fake WordPress plugins it contains some deceptive information at
Source:: The Hackers News