WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin.
The campaign has been caught and reported by WordPress security experts at Wordfence and PatchStack, who published alerts on their sites to raise awareness.
[...]
Fake WordPress security advisory pushes backdoor plugin
Fake WordPress security advisory pushes backdoor plugin
-
rbc
- Secretary
- Posts: 311
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Fake WordPress security advisory pushes backdoor plugin
Robert B. Carleton + ISC2 Central Mississippi President