securityaffairs<p>Attackers are exploiting recently disclosed <a href="https://infosec.exchange/tags/OttoKit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OttoKit</span></a> <a href="https://infosec.exchange/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> plugin flaw<br><a href="https://securityaffairs.com/176461/security/ottokit-wordpress-plugin-flaw-exploitation.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/176461/sec</span><span class="invisible">urity/ottokit-wordpress-plugin-flaw-exploitation.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
240active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.6
#ottokit
2 posts · 2 participants · 0 posts today
Sam Stepanyan :verified: 🐘<p><a href="https://infosec.exchange/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a>: authentication bypass <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> CVE-2025-3102 in <a href="https://infosec.exchange/tags/OttoKit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OttoKit</span></a> plugin installed on 100,000+ websites is under active exploitation allowing attackers to perform full website takeover:<br>👇<br><a href="https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure/</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload