Today a customer did the right thing and forwarded a strange email to us to check whether it was genuine. It was not, and thanks to their they avoided an attempted phishing attack.
The email was made to look as if it was sent by WordPress, saying that a security risk (an so-called “Remote Code Execution (RCE) high-risk vulnerability”) required a new patch, CVE-2024-41688. The “Download” link leads to a fake website which harvests user information.
If you have received an email with these details, ignore it and block the sender:
Sender: no-reply@delivermail-wordpress.org
or noreply@help-wordpress.org
Subject: CRITICAL: Your website <example.com> is at risk!
Recommended WordPress patch: CVE-2024-46188 (which is a fake code – this patch does not exist)
More about WordPress…
Source link