On March 13th, 2025, we received a submission for an Unauthenticated Administrative User Creation vulnerability in SureTriggers, a WordPress plugin with more than 100,000 active installations. This vulnerability can be leveraged by attackers to create malicious administrator users when the plugin is not configured with an API key.
The post 100,000 WordPress Sites Affected by Administrative User Creation Vulnerability in SureTriggers WordPress Plugin appeared first on Wordfence.
This article has been indexed from Blog – Wordfence