WordPress shopping sites under attack

Hackers using cross-site scripting (XSS) flaw in abandoned cart plugin to take over vulnerable sites.