Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://hachyderm.io/users/BenjaminHCCarr/statuses/112332873695617426">Benjamin Carr, Ph.D. ??‍?? (benjaminhccarr@hachyderm.io)'s status on Friday, 26-Apr-2024 02:02:53 JST</a><a href="https://hachyderm.io/@BenjaminHCCarr" title="benjaminhccarr@hachyderm.io"><img src="https://gnusocial.jp/avatar/109131-48-20230322204044.webp" width="48" height="48" alt="Benjamin Carr, Ph.D. ??‍??" style="position: absolute; left: 0; top: 0;">Benjamin Carr, Ph.D. ??‍??</a></section><article><p><a href="https://hachyderm.io/tags/WPAutomatic" rel="tag">#WPAutomatic</a> <a href="https://hachyderm.io/tags/WordPress" rel="tag">#WordPress</a> plugin hit by millions of <a href="https://hachyderm.io/tags/SQLinjection" rel="tag">#SQLinjection</a> attacks<br>Hackers targeting a critical severity <a href="https://hachyderm.io/tags/vulnerability" rel="tag">#vulnerability</a> in the <a href="https://hachyderm.io/tags/WP" rel="tag">#WP</a> Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing (e.g. text, images, video) from various online sources and publishing on a WordPress site. <br><a href="https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/" rel="nofollow noreferrer">https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/</a> <a href="https://hachyderm.io/tags/itsec" rel="tag">#itsec</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2992007#notice-5943756">In conversation</a><time datetime="2024-04-26T02:02:53+09:00" title="Friday, 26-Apr-2024 02:02:53 JST">about 6 months ago</time> <span>from <span><a href="https://hachyderm.io/@BenjaminHCCarr/112332873695617426" rel="external" title="Sent from hachyderm.io via ActivityPub">hachyderm.io</a></span></span><a href="https://hachyderm.io/@BenjaminHCCarr/112332873695617426">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2546419">Untitled attachment</a></label><br><a href="https://media.hachyderm.io/media_attachments/files/112/332/873/560/881/045/original/0a2b091c56fb350a.jpeg" rel="external">https://media.hachyderm.io/media_attachments/files/112/332/873/560/881/045/original/0a2b091c56fb350a.jpeg</a></li><li><article><header><div>Domain not in remote thumbnail source whitelist: www.bleepstatic.com</div><h5><a href="https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/">WP Automatic WordPress plugin hit by millions of SQL injection attacks</a></h5><div> from <span>@BleepinComputer</span></div></header><div>Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Benjamin Carr, Ph.D. ??‍?? (benjaminhccarr@hachyderm.io)'s status on Friday, 26-Apr-2024 02:02:53 JST Benjamin Carr, Ph.D. ??‍??
#WPAutomatic #WordPress plugin hit by millions of #SQLinjection attacks
Hackers targeting a critical severity #vulnerability in the #WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing (e.g. text, images, video) from various online sources and publishing on a WordPress site.
https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/ #itsec
In conversationabout 6 months ago from hachyderm.iopermalink
Attachments
1. Untitled attachment
  https://media.hachyderm.io/media_attachments/files/112/332/873/560/881/045/original/0a2b091c56fb350a.jpeg
2. Domain not in remote thumbnail source whitelist: www.bleepstatic.com
  WP Automatic WordPress plugin hit by millions of SQL injection attacks
  from @BleepinComputer
  Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access.

Public

Embed Notice

HTML Code

Corresponding Notice