WPGateway is a WordPress plugin that simplifies various tasks, including website backups and managing themes and plugins from a centralized dashboard. The CVE-2022-3180 vulnerability would allow an external actor with administrator privileges to impersonate the websites that use this plugin.

One of Wordfence's analysts has highlighted that the company's firewall has successfully blocked more than 4 million attacks targeting more than 250,000 websites that have this vulnerability in the last month.

To check for intrusion, go to the list of users in the WordPress dashboard and look for a user named rangex with administrator privileges. Additionally, review the site's logs for requests to /wp-content/plugins/wpgateway/wpgateway-webservice-new.php?wp_new_credentials=1 to check whether the website has been attacked.
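The two checks described above can be scripted. The following is an added example, not code from Wordfence or the WPGateway authors: it assumes the web server writes Combined Log Format access logs and that the user list is available as (login, roles) pairs; the function names and all sample data are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote

# Indicators taken from the article above.
IOC_PATH = "/wp-content/plugins/wpgateway/wpgateway-webservice-new.php"
IOC_PARAM, IOC_VALUE = "wp_new_credentials", "1"
IOC_USER = "rangex"

# Combined Log Format prefix: ip ident user [time] "METHOD target PROTO" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3})')

# Constructed sample data (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Sep/2022:04:12:01 +0000] "GET /wp-content/plugins/wpgateway/wpgateway-webservice-new.php?wp_new_credentials=1 HTTP/1.1" 200 312 "-" "-"',
    '198.51.100.4 - - [10/Sep/2022:04:13:09 +0000] "GET /wp-content/plugins/wpgateway/wpgateway-webservice-new.php?t=1&wp_new_credentials=1 HTTP/1.1" 404 0 "-" "-"',
    '192.0.2.55 - - [10/Sep/2022:04:14:30 +0000] "GET /wp-login.php HTTP/1.1" 200 2841 "-" "-"',
]
SAMPLE_USERS = [("editor1", ["editor"]), ("rangex", ["administrator"])]

def find_probe_requests(lines):
    """Return (ip, time, status) for each logged request matching the indicator."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, when, target, status = m.groups()
        raw_path, _, query = target.partition("?")
        # Normalise the path (percent-encoding, repeated slashes, case) before comparing.
        path = re.sub(r"/{2,}", "/", unquote(raw_path)).lower()
        values = parse_qs(query, keep_blank_values=True).get(IOC_PARAM, [])
        if path == IOC_PATH and IOC_VALUE in values:
            hits.append((ip, when, int(status)))
    return hits

def rogue_admins(users):
    """Return logins named like the indicator user that hold the administrator role."""
    return [login for login, roles in users
            if login.lower() == IOC_USER and "administrator" in roles]

if __name__ == "__main__":
    for hit in find_probe_requests(SAMPLE_LOG):
        print("request matching indicator:", hit)
    print("suspicious administrators:", rogue_admins(SAMPLE_USERS))
```

The status code is kept in each hit so that requests answered with 404 (file not present) can be told apart from those the server actually served.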

If you have this plugin installed, the WPGateway authors strongly recommend uninstalling it completely until they apply a security patch.

Source: Bleeping Computer

