Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware By Bill Toulas March 10, 2024 11:38 AM 0 Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw leveraged in the attacks is tracked as CVE-2023-6000, a cross-site scripting (XSS) vulnerability impacting Popup Builder versions 4.2.3 and older, which was initially disclosed in November 2023. A Balada Inje...