all InfoSec news
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
April 26, 2024, 5:49 a.m. | info@thehackernews.com (The Hacker News)
The Hacker News thehackernews.com
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
accounts admin automatic bug critical cve cve-2024 cvss cvss score exploit exploiting flaw hackers plugin score security security flaw takeovers threat threat actors wordpress wordpress sites
More from thehackernews.com / The Hacker News
Jobs in InfoSec / Cybersecurity
Consultant infrastructure sécurité H/F
@ Hifield | Sèvres, France
SOC Analyst
@ Wix | Tel Aviv, Israel
Information Security Operations Officer
@ International Labour Organization | Geneva, CH, 1200
PMO Cybersécurité H/F
@ Hifield | Sèvres, France
Third Party Risk Management - Consultant
@ KPMG India | Bengaluru, Karnataka, India
Consultant Cyber Sécurité H/F - Strasbourg
@ Hifield | Strasbourg, France