A vast campaign targeting WordPress-based websites was identified by the Wordfence Firewall as it targeted 1.3 million pages. The attackers are looking for unpatched XSS vulnerabilities. Exploited successfully, the vulnerabilities would let bad actors access the configuration files and database credentials. If the attack is successful, criminals could use the stolen credentials to add an administrative user, steal data, or even delete the website entirely. Users advised to look for the indicators of compromise underlined in the advisory and to change the credentials if they think they might have been compromised.”]