When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
In theory, threat actors could trick this API to install a malicious extension instead of a theme.
This JavaScript would, consequently, trigger the installation of the malicious add-on, in complete silence.
The edgeMarketingPagePrivate API was initially intended for marketing purposes, Guardio Labs researchers said.
