Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.92.0. The issue has been resolved in version 3.92.1 released on February 27, 2024,

  Hacker News   Apr 30, 2024   0   28  Add to Reading List
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.92.0. The issue has been resolved in version 3.92.1 released on February 27, 2024,








Read More   

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow