Fake WordPress security advisory pushes backdoor plugin
WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin. The campaign has been caught and reported by WordPress security experts at Wordfence and PatchStack, who published alerts on their sites to raise awareness. Fake WordPress update The emails pretend to be from WordPress, warning