all InfoSec news
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
April 26, 2024, 5:49 a.m. | info@thehackernews.com (The Hacker News)
The Hacker News thehackernews.com
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
accounts admin automatic bug critical cve cve-2024 cvss cvss score exploit exploiting flaw hackers plugin score security security flaw takeovers threat threat actors wordpress wordpress sites
More from thehackernews.com / The Hacker News
Jobs in InfoSec / Cybersecurity
IT Security Engineer
@ Timocom GmbH | Erkrath, Germany
Consultant SOC / CERT H/F
@ Hifield | Sèvres, France
Privacy Engineer, Implementation Review
@ Meta | Menlo Park, CA | Seattle, WA
Cybersecurity Specialist (Security Engineering)
@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
SOC Analyst
@ Rubrik | Palo Alto
Consultant Tech Advisory H/F
@ Hifield | Sèvres, France