Description
`d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
Related Vulnerabilities
WordPress Plugin Digital River Global Commerce Supply Chain Attack [Polyfill.io] (2.0.2)
WordPress Plugin GDPR Cookie Consent Security Bypass (1.8.2)
WordPress Plugin WP No External Links Cross-Site Scripting (3.5.18)
MySQL CVE-2018-3065 Vulnerability (CVE-2018-3065)
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)