Bleeping Computer

Hackers exploit WordPress plugin auth bypass hours after disclosure

Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. Users are strongly ...

UpdraftPlus Vulnerability Exposes 3 Million WordPress Sites

Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...