Vulnerability in Funnel Builder Exposes WooCommerce Payments

Published on May 17, 2026 | Translated from Spanish

An actively exploited security flaw in the Funnel Builder plugin for WordPress allows payment skimming on WooCommerce stores. Attackers inject malicious code into the checkout process to steal sensitive credit card data. This risk compromises transaction integrity and customer trust, so site owners are urged to update the plugin immediately and review their systems.


Technical analysis of the malicious code injection 🔍

The vulnerability lies in the manipulation of input fields during the WooCommerce checkout flow. Attackers exploit a lack of sanitization in the plugin's session variables to insert scripts that capture data in real time. These scripts send the information to external servers without altering the user's visual experience. Active exploitation has been detected on multiple sites, requiring an immediate review of server files and logs to identify compromises.
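
As a first-pass check during that review, the sketch below (an added example, not code from this article or from the plugin) lists every script host on a rendered checkout page that is not on an allowlist. The allowlist, the sample HTML, all host names and the function name `find_unexpected_hosts` are constructed placeholders.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
# Assumed allowlist: the shop's own host and its payment provider (placeholders).
ALLOWED_HOSTS = {"shop.example", "js.payments.example"}
# Absolute URLs inside inline script bodies; obfuscated strings are not caught.
INLINE_URL = re.compile(r"""(?:https?|wss?)://[^\s"'<>)]+""")

class ScriptCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.urls = []  # (kind, url) pairs: kind is "src" or "inline"

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            src = dict(attrs).get("src")
            if src:
                self.urls.append(("src", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self.urls += [("inline", u) for u in INLINE_URL.findall(data)]

def find_unexpected_hosts(html, allowed=ALLOWED_HOSTS):
    """Return sorted (kind, host) pairs for script hosts outside the allowlist."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    hits = set()
    for kind, url in collector.urls:
        host = urlparse(url).hostname  # None for relative (same-origin) paths
        if host and host not in allowed:
            hits.add((kind, host))
    return sorted(hits)

# Constructed sample of a rendered checkout page; all hosts are placeholders.
SAMPLE_CHECKOUT_HTML = """
<form id="checkout"><input name="card_number"></form>
<script src="/assets/checkout.js"></script>
<script src="https://js.payments.example/v3/"></script>
<script src="//cdn.collector.invalid/a.js"></script>
<script>var endpoint = "https://stats.collector.invalid/c";</script>
"""
```

An empty result does not prove the page is clean, since a script served from an allowed host or one that builds its URL at runtime will pass; any host it does report should be traced back to the file or database entry that emitted it.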

The plugin that charged you and now charges you double 💳

It turns out that Funnel Builder, designed to optimize sales, now also optimizes credit card theft. Cybercriminals, always so creative, have decided that charging twice for the same product is a good business plan. If your WooCommerce store started selling more without you doing anything, maybe it's not marketing, but a skimming script working overtime. Update the plugin or your customers will thank you for the premium fraud subscription service.