ZDNet

WordPress sites under attack as hacker group tries to create rogue admin accounts

A hacker group is exploiting vulnerabilities in more than ten WordPress plugins to create rogue admin accounts on WordPress sites across the internet. The attacks are an escalation part of a hacking ...
ZDNet

Hackers exploit zero-day in WordPress plugin to create rogue admin accounts

Hackers are exploiting a zero-day vulnerability in a WordPress plugin made by ThemeREX, a company that sells commercial WordPress themes. The attacks, detected by Wordfence, a company that provides a ...
Bleeping Computer

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. OttoKit (formerly SureTriggers) ...