MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
A recent analysis discovered a malicious plugin injected into a WordPress/WooCommerce website that creates a fake administrator user and injects credit card skimming JavaScript into the checkout page.