April 25, 2024 at 10:29AM
Hackers are targeting WP Automatic plugin for WordPress, exploiting the CVE-2024-27956 vulnerability. The issue allows the creation of admin accounts and backdoors. Over 5.5 million attack attempts have been recorded, prompting the recommendation to update to version 3.92.1 and frequently backup websites to mitigate the risk.
After reviewing the meeting notes, here are the key takeaways:
– Hackers are targeting a critical severity vulnerability in the WP Automatic plugin for WordPress, leading to unauthorized user account creation with administrative privileges and planting of backdoors for long-term access.
– The CVE-2024-27956 vulnerability affects WP Automatic versions before 3.9.2.0 and allows for SQL injection by bypassing the plugin’s user authentication mechanism.
– There have been over 5.5 million attack attempts leveraging this vulnerability, with attackers creating backdoors and obfuscating code after obtaining admin access.
– To prevent compromise, administrators are advised to update the WP Automatic plugin to version 3.92.1 or later and frequently create backups of their site for quick reinstallation in case of compromise.
Let me know if you need any further information or analysis!