The Wordfence Threat Intelligence Team has recently been informed of a phishing campaign targeting WordPress users. The Phishing email claims to be from the WordPress team and warns of a Remote Code Execution vulnerability on the user’s site with an identifier of CVE-2023-45124, which is not currently a valid CVE. The email prompts the victim to download a “Patch” plugin and install it.
- Hello Polyglots! I’m the theme…
- WordPress Photo Festival 2024, A Five Part Retrospective, Part 5, What We Learned, Where We’re Going
- Reflecting on WordCamp Phoenix 2024: Struggles, Successes, and the Road Ahead
- Acquisition Alert: Kestrel Acquires Seven Barn2 Plugins
- The Block Bindings API Brings Dynamic Data to Blocks