Tag: Facebook Chat Plugin

Flaw on the Official Facebook Chat Plugin enabled Social Engineering Attacks

Flaw on the Official Facebook Chat Plugin enabled Social Engineering Attacks

Security, Plugins
A flaw in The Official Facebook Chat Plugin made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors on affected sites. This WordPress plugin is currently installed on over 80,000 sites. What is the Facebook Chat plugin The Official WordPress Facebook Chat plugin is a very simple plugin that is used to add a “Facebook Messenger” chat pop-up to any WordPress site and connect a site owner’s chosen Facebook page to receive messages and interact with site visitors. This vulnerability could be exploited and easily go undetected by a site owner, causing site visitors to interact with an attacker instead of the site owner. Exploit attempts targeting this vulnerabilit