"Exploits allow attackers to bypass CVE-2012-1823, a critical code execution vulnerability patched in PHP in 2012."
"... roughly half of the compromises observed show clear signs of running XAMPP... maintainers explicitly say their software isn’t suitable for production systems."
This is the price of running not-for-production and now-unsupported software in production.
Play stupid games, win stupid prizes. 🤷♂️