PoC for wordpress takeover in CVE-2024-27956
CVE-2024-27956-RCE PoC for wordpress takeover in CVE-2024-27956
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a up to and including 3.92.0.
Hackers exploit LiteSpeed Cache flaw to create WordPress admins By Bill Toulas May 7, 2024 05:42 PM 0 Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites. LiteSpeed Cache (LS Cache) is advertised as a caching plugin used in over five million WordPress sites that helps speed up page loads, improve visitor experience, and boost Google Search ranking. Automattic's security te...
WP Automatic WordPress plugin hit by millions of SQL injection attacks By Bill Toulas April 25, 2024 10:27 AM 0 Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing (e.g. text, images, video) from various online sources and publishing on...