Hackers make millions of attempts to exploit WordPress plugin vulnerability
Briefly

from Ars Technica1 week ago
Researchers discovered a high-severity vulnerability in WordPress Automatic versions 3.92.0 and below, allowing complete takeover. The developer released patches in versions 3.92.1 and above.
Ars Technicahttps://arstechnica.com/security/2024/04/hackers-make-millions-of-attempts-to-exploit-wordpress-plugin-vulnerability/
The vulnerability, classified as a SQL injection (CVE-2024-27956), can be exploited by manipulating website fields with specially crafted data strings to execute sensitive actions.
Ars Technicahttps://arstechnica.com/security/2024/04/hackers-make-millions-of-attempts-to-exploit-wordpress-plugin-vulnerability/
WPScan reported over 5.5 million exploitation attempts since the disclosure, allowing attackers to create admin-level accounts, upload malicious files, and gain full control of affected sites.
Ars Technicahttps://arstechnica.com/security/2024/04/hackers-make-millions-of-attempts-to-exploit-wordpress-plugin-vulnerability/
Read at Ars Technica
#wordpress-automatic-plugin #security-vulnerability #sql-injection #hackers #website-takeover
[
add
]
[
|
|
]