{"uuid": "c402e47d-18bd-4354-a25b-ddfa24c31ff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/KomunitiSiber/1850", "content": "Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites\nhttps://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html\n\nThreat actors are attempting to actively exploit a critical security flaw in the WP\u2011Automatic plugin for WordPress that could allow site takeovers.\nThe shortcoming, tracked as\u00a0CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin\u00a0prior to\u00a03.9.2.0.\n\"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as", "creation_timestamp": "2024-04-26T09:03:37.000000Z"}