Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.
Bleeping Computer

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...
Bleeping Computer

WordPress Motors theme flaw mass-exploited to hijack admin accounts

Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site. The malicious ...