all InfoSec news
Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign
Sucuri Blog blog.sucuri.net
On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators.
WordPress sites owners had started receiving emails from WordPress.com with the following message:
“The WordPress Security Team has discovered a Remove Code Execution (RCE) vulnerability on your site, which allows attackers to execute malwares and steal your data, user details and more …”
They urged webmasters to “immediately use the CVE-2023-45124 Patch, a plugin launched by the WordPress Team”.
Continue reading Analysis of …
administrators analysis attackers black hat tactics campaign code code execution cve december emails fake malware message patch phishing phishing campaign plugin rce remove researchers security security researchers security team targeting team vulnerability website backdoor website malware infections wordpress wordpress plugins and themes wordpress security