all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign

Add to bookmarks
Dec. 14, 2023, 8:36 p.m. | Denis Sinegubko

Sucuri Blog blog.sucuri.net

On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators.



WordPress sites owners had started receiving emails from WordPress.com with the following message:


“The WordPress Security Team has discovered a Remove Code Execution (RCE) vulnerability on your site, which allows attackers to execute malwares and steal your data, user details and more …”


They urged webmasters to “immediately use the CVE-2023-45124 Patch, a plugin launched by the WordPress Team”.


Continue reading Analysis of …

administrators analysis attackers black hat tactics campaign code code execution cve december emails fake malware message patch phishing phishing campaign plugin rce remove researchers security security researchers security team targeting team vulnerability website backdoor website malware infections wordpress wordpress plugins and themes wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

WordPress Vulnerability & Patch Roundup April 2024 1 day, 19 hours ago | blog.sucuri.net
april attacks automated awareness +33
What is a Zero-Day Vulnerability? 5 days, 18 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 1 week ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 5 days ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 2 weeks ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 5 days ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 3 weeks, 1 day ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 4 weeks ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Researcher

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Cyber Risk Analyst

@ American Heart Association | Dallas, TX, United States
View on infosec-jobs.com

Cybersecurity Engineer 2/3

@ Scaled Composites, LLC | Mojave, CA, US
View on infosec-jobs.com

Information Security Operations Manager

@ DP World | Charlotte, NC, United States
View on infosec-jobs.com

Sr Cyber Security Engineer I

@ Staples | Framingham, MA, United States
View on infosec-jobs.com

Security Engineer - Heartland (Remote)

@ GuidePoint Security LLC | Remote in the US
View on infosec-jobs.com
View more jobs