WP Automatic WordPress Plugin Targeted by Millions of SQL Injection Attacks

The WP Automatic plugin for WordPress, installed on over 30,000 websites, has been targeted by hackers exploiting a critical vulnerability. The flaw, identified as CVE-2024-27956, allows hackers to bypass the plugin’s user authentication mechanism and submit SQL queries to the site’s database. This can lead to the creation of administrator accounts on the target website. Since the vulnerability was disclosed, more than 5.5 million attacks have been observed. After gaining admin access, attackers create backdoors and obfuscate the code to ensure long-term access. To mitigate the risk, administrators are advised to update the WP Automatic plugin to version 3.92.1 or later.

NIMBUS27

Read more at: www.bleepingcomputer.com
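To check an installation against the fixed release named above, this added example (not code from the article or from the plugin) reads the `Version:` field of a WordPress plugin header and flags anything older than 3.92.1. The path to the plugin's main PHP file is supplied by the operator, and the sample header is constructed.

```python
import re
import sys

FIXED_VERSION = "3.92.1"  # first patched release named in the article

# WordPress reads plugin metadata from a comment header in the main plugin file.
HEADER_VERSION = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.IGNORECASE | re.MULTILINE)

# Constructed sample header, not taken from the real plugin.
SAMPLE_HEADER = """<?php
/*
 * Plugin Name: Example Plugin (constructed sample)
 * Version: 3.92.0
 */
"""


def parse_version(text):
    """Turn '3.92.1' into (3, 92, 1); a suffix such as '-beta' is ignored."""
    parts = []
    for piece in text.split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    return tuple(parts)


def installed_version(header_text):
    """Return the Version value from a plugin header, or None if absent."""
    match = HEADER_VERSION.search(header_text)
    return match.group(1) if match else None


def needs_update(header_text, fixed=FIXED_VERSION):
    """True when the version is older than the fixed release or cannot be read."""
    found = installed_version(header_text)
    if found is None:
        return True  # cannot prove it is patched, so flag it for review
    a, b = parse_version(found), parse_version(fixed)
    width = max(len(a), len(b))
    a, b = a + (0,) * (width - len(a)), b + (0,) * (width - len(b))
    return a < b  # numeric compare, so 3.100.0 is newer than 3.92.1


if __name__ == "__main__":
    # Usage: python check_version.py /path/to/plugin-main-file.php
    text = open(sys.argv[1], encoding="utf-8", errors="replace").read(8192)
    print("UPDATE NEEDED" if needs_update(text) else "at or above " + FIXED_VERSION)
```

A file with no readable `Version:` field is reported as needing an update, since it cannot be shown to be patched.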