all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign

Add to bookmarks
Dec. 14, 2023, 8:36 p.m. | Denis Sinegubko

Sucuri Blog blog.sucuri.net

On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators.



WordPress sites owners had started receiving emails from WordPress.com with the following message:


“The WordPress Security Team has discovered a Remove Code Execution (RCE) vulnerability on your site, which allows attackers to execute malwares and steal your data, user details and more …”


They urged webmasters to “immediately use the CVE-2023-45124 Patch, a plugin launched by the WordPress Team”.


Continue reading Analysis of …

administrators analysis attackers black hat tactics campaign code code execution cve december emails fake malware message patch phishing phishing campaign plugin rce remove researchers security security researchers security team targeting team vulnerability website backdoor website malware infections wordpress wordpress plugins and themes wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

Hundreds of Websites Targeted by Fake Google Chrome Update Pop-Ups 4 days, 2 hours ago | blog.sucuri.net
browser campaigns chrome chrome update +30
From Privacy to Exfiltration: Telegram’s Role in Website Malware 1 week, 3 days ago | blog.sucuri.net
abuse black hat tactics creators cybercriminals +21
WordPress Vulnerability & Patch Roundup May 2024 1 week, 5 days ago | blog.sucuri.net
attacks automated awareness disclosures +32
How to Fix the NET::ERR_CERT_DATE_INVALID Error 2 weeks, 2 days ago | blog.sucuri.net
address can certificate connection +14
Server Side Credit Card Skimmer Lodged in Obscure Plugin 2 weeks, 4 days ago | blog.sucuri.net
attackers card credit credit card +22
What is HTTP 504 Gateway Timeout & How to Fix It 3 weeks, 5 days ago | blog.sucuri.net
best practices can error errors +14
What is HTTP Error 502 Bad Gateway & How to Troubleshoot It 4 weeks, 2 days ago | blog.sucuri.net
bad best practices can error +21
What is HTTP Error 429: Too Many Requests 1 month ago | blog.sucuri.net
access can code error +15
Mal.Metrica Redirects Users to Scam Sites 1 month ago | blog.sucuri.net
analysts black hat tactics click compromised +11

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com