Invicti detected an indicator suggesting that the scanned application was backdoored.
The detected payload was part of an attack on WordPress plugin maintainers and placed in various different WordPress plugins.
An attacker can execute arbitrary commands on the system or run JavaScript code under the context of your web application.
You can search and find all vulnerabilities