fromThe Hacker News
1 month agoOttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
"The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'authenticate_user' function in all versions up to, and including, 1.0.78."
Marketing tech