News

The Hacker News5d
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
A critical OttoKit plugin flaw CVE-2025-3102 exploited within hours lets attackers create admin accounts unchecked.
Infosecurity Magazine24y
Major WordPress Plugin Flaw Exploited in Under 4 Hours
According to PatchStack, who discovered the flaw, exploitation began just four hours after the vulnerability was patched. The ...
Hackers exploit WordPress plugin auth bypass hours after disclosure
Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) ...
A key WordPress feature has been hijacked to show malicious code, spam images
Discussing how the sites might have been infected, the researchers said there were multiple ways to compromise a WordPress site. That includes exploiting a vulnerable plugin or a theme, compromised ...