Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites.
https://threatpost.com/magento-sites-vulnerable-to-rce-stemming-from-magmi-plugin-flaws/158864/
origin - https://www.pipiscrew.com/2020/09/magento-sites-vulnerable-to-rce-stemming-from-magmi-plugin-flaws/ magento-sites-vulnerable-to-rce-stemming-from-magmi-plugin-flaws