dompdf / php-svg-lib

SVG file parsing / rendering library
GNU Lesser General Public License v3.0

Critical Security breach through Sabberworm (code injection) #69

Closed Jany-M closed 2 years ago

Jany-M commented 2 years ago

As mentioned in detail here, the Sabberworm library has a HUGE vulnerability and can be used to critically compromise any website.

My specific case was with a WordPress site that had malicious js injected into EVERY single .js file (core, plugins, theme).

The issue was also raised here, since it uses the PHP SVG library.

PowerKiKi commented 2 years ago

Closing this issue to keep the discussion in a single place, https://github.com/sabberworm/PHP-CSS-Parser/issues/343, until we better understand what is going on.