News

The Hacker News6d
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
A critical OttoKit plugin flaw CVE-2025-3102 exploited within hours lets attackers create admin accounts unchecked.
A key WordPress feature has been hijacked to show malicious code, spam images
Discussing how the sites might have been infected, the researchers said there were multiple ways to compromise a WordPress site. That includes exploiting a vulnerable plugin or a theme, compromised ...
Infosecurity Magazine24y
Major WordPress Plugin Flaw Exploited in Under 4 Hours
According to PatchStack, who discovered the flaw, exploitation began just four hours after the vulnerability was patched. The ...
WordPress users beware - these popular theme plugins have some major security issues
Both flaws allow malicious actors to elevate their privileges to admin, gaining full control of the WordPress site, and ...