OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

/in

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. 
“This is due to the create_wp_connection() function missing a capability check and

The Hacker News – ​Read More

Europol Shuts Down Six DDoS-for-Hire Services Used in Global AttacksEuropol Shuts Down Six DDoS-for-Hire Services Used in Global AttacksNew UK Framework Pressures Vendors on SBOMs, Patching and Default MFA