Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Published on May 7, 2025

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. [...]