Global CyberSecurity

Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign 

0

Published on 12/14/2023 – Last Updated on 12/15/2023 by OTC

On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators.

WordPress sites owners had started receiving emails from WordPress.com with the following message:

“The WordPress Security Team has discovered a Remove Code Execution (RCE) vulnerability on your site, which allows attackers to execute malwares and steal your data, user details and more …”

They urged webmasters to “immediately use the CVE-2023-45124 Patch, a plugin launched by the WordPress Team”.

Continue reading Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign  at Sucuri Blog.

Critical RCE Vulnerability Patched in Backup Migration Plugin

Previous article

What is a Content Security Policy (CSP)

Next article

You may also like

Comments

Comments are closed.