Zeitpunkt Nutzer Delta Tröts TNR Titel Version maxTL Mo 29.04.2024 00:00:13 7.197 +1 574.064 79,8 NerdCulture 4.2.8 500 So 28.04.2024 00:00:18 7.196 +1 573.535 79,7 NerdCulture 4.2.8 500 Sa 27.04.2024 00:00:11 7.195 -1 573.157 79,7 NerdCulture 4.2.8 500 Fr 26.04.2024 00:00:11 7.196 0 572.732 79,6 NerdCulture 4.2.8 500 Do 25.04.2024 00:01:11 7.196 +1 572.250 79,5 NerdCulture 4.2.8 500 Mi 24.04.2024 00:00:12 7.195 0 571.738 79,5 NerdCulture 4.2.8 500 Di 23.04.2024 00:01:14 7.195 +1 571.375 79,4 NerdCulture 4.2.8 500 Mo 22.04.2024 00:00:16 7.194 +1 570.813 79,3 NerdCulture 4.2.8 500 So 21.04.2024 00:00:11 7.193 0 570.245 79,3 NerdCulture 4.2.8 500 Sa 20.04.2024 00:00:09 7.193 0 569.595 79,2 NerdCulture 4.2.8 500
Olly 👾 (@Olly42) · 01/2024 · Tröts: 163 · Folger: 15
Mo 29.04.2024 16:34
WP Automatic WordPress Plugin hit by millions of SQL Injection Attacks.
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
https://wpscan.com/blog/new-malware-campaign-targets-wp-automatic-plugin/
#wordpress #it #security #engineer #tech #news
According to the Automattic-owned company, the issue is rooted in the plugin's user authentication mechanism, which can be trivially circumvented to execute arbitrary SQL queries against the database by means of specially crafted requests. Cybersecurity In the attacks observed so far, CVE-2024-27956 is being used to unauthorized database queries and create new admin accounts on susceptible WordPress sites (e.g., names starting with "xtw"), which could then be leveraged for follow-on post-exploitation actions.
[Öffentlich] Antw.: 0 Wtrl.: 0 Fav.: 0 · via Metatext