Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.
Bleeping Computer

WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites

A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. Researchers at webscript security company c/side discovered ...
Bleeping Computer

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. OttoKit (formerly SureTriggers) ...