all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

Add to bookmarks
April 26, 2024, 5:49 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers.
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as

accounts admin automatic bug critical cve cve-2024 cvss cvss score exploit exploiting flaw hackers plugin score security security flaw takeovers threat threat actors wordpress wordpress sites

Visit resource

More from thehackernews.com / The Hacker News

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution 5 hours ago | thehackernews.com
cisco code code execution critical +21
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices 5 hours ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 8 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components 9 hours ago | thehackernews.com
access account android android devices +20
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs 11 hours ago | thehackernews.com
act apple apple macos arm +19
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities 2 days, 11 hours ago | thehackernews.com
actor apt28 campaign cyber +24
Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back 3 days, 6 hours ago | thehackernews.com
address attacks back business +22
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications 3 days, 7 hours ago | thehackernews.com
abusing aim amp api +25
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 3 days, 9 hours ago | thehackernews.com
address applications business corporate +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Consultant infrastructure sécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

SOC Analyst

@ Wix | Tel Aviv, Israel
View on infosec-jobs.com

Information Security Operations Officer

@ International Labour Organization | Geneva, CH, 1200
View on infosec-jobs.com

PMO Cybersécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Third Party Risk Management - Consultant

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Consultant Cyber Sécurité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com
View more jobs