Look out for fake emails about WordPress vulnerabilities

Look out for fake emails about WordPress vulnerabilities

Today a customer did the right thing and forwarded a strange email to us to check whether it was genuine. It was not, and thanks to their they avoided an attempted phishing attack.

The email was made to look as if it was sent by WordPress, saying that a security risk (an so-called “Remote Code Execution (RCE) high-risk vulnerability”) required a new patch, CVE-2024-41688. The “Download” link leads to a fake website which harvests user information.

If you have received an email with these details, ignore it and block the sender:

Sender: no-reply@delivermail-wordpress.org or noreply@help-wordpress.org
Subject: CRITICAL: Your website <example.com> is at risk!
Recommended WordPress patch: CVE-2024-46188 (which is a fake code – this patch does not exist)

More about WordPress…


Source link

About hosting

Check Also

Marcia Clark, "Informants: Lawyer X" Leads Wondery Exhibit C Lineup – Bleeding Cool

Posted in: Audio Dramas, TV | Tagged: marcia clark, wondery Wondery announced new shows for …

Leave a Reply

Your email address will not be published. Required fields are marked *