Look out for fake emails about WordPress vulnerabilities

Look out for fake emails about WordPress vulnerabilities

Today a customer did the right thing and forwarded a strange email to us to check whether it was genuine. It was not, and thanks to their they avoided an attempted phishing attack.

The email was made to look as if it was sent by WordPress, saying that a security risk (an so-called “Remote Code Execution (RCE) high-risk vulnerability”) required a new patch, CVE-2024-41688. The “Download” link leads to a fake website which harvests user information.

If you have received an email with these details, ignore it and block the sender:

Sender: no-reply@delivermail-wordpress.org or noreply@help-wordpress.org
Subject: CRITICAL: Your website <example.com> is at risk!
Recommended WordPress patch: CVE-2024-46188 (which is a fake code – this patch does not exist)

More about WordPress…


Source link

About hosting

Check Also

High Growth Tech Stocks in France to Watch This October 2024

High Growth Tech Stocks in France to Watch This October 2024

As global markets respond positively to China’s new stimulus measures, European indices, including France’s CAC …

Leave a Reply

Your email address will not be published. Required fields are marked *