OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

Updated on April 11, 2025

A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure.
The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites.
“The…

Read the rest of the story at Read More

Source: The Hacker News

February 5, 2025 Uncategorized

Silent Lynx Using PowerShell, Golang, an...

December 22, 2023 Uncategorized

Rogue WordPress Plugin Exposes E-Commerc...

October 15, 2024 Uncategorized

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

Related posts

Silent Lynx Using PowerShell, Golang, an...

Rogue WordPress Plugin Exposes E-Commerc...

WordPress Plugin Jetpack Patches Major V...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines