Level 54
Content Creator
Malware Hunter
An ongoing malvertising campaign is targeting an unauthenticated stored cross-site scripting (XSS) vulnerability in the Coming Soon Page & Maintenance Mode WordPress plugin according to Wordfence's Defiant Threat Intelligence team.

The now patched flaw allows unauthenticated attackers to inject JavaScript or HTML code into the blog front-end of WordPress sites running the plugin's version 1.7.8 or below.

The malvertising campaign detected by Wordfence causes compromised WordPress sites "to display unwanted popup ads and redirect visitors to malicious destinations, including tech support scams, malicious Android APKs, and sketchy pharmaceutical ads."