Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

April 28, 2024

Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers.
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.92.0. The issue has been resolved in version 3.92.1 released on February 27, 2024,

About The Author

See author's posts

Post Views: 21

Categories

Leave a Reply Cancel reply

Related Stories

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

AF themes

You may have missed

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17)

About AF themes

Recent Posts

Connect with Us

About The Author

Leave a Reply Cancel reply

Related Stories

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

You may have missed

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17)