National Cyber Warfare Foundation (NCWF) Forums


Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites


0 user ratings		2024-04-26 06:40:34
milo
Red Team (CNA) , Attacks
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers.
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)
Attacks


© Copyright 2012 through 2024 - National Cyber War Foundation - All rights reserved worldwide.