WordPress Sites Attacked via Critical Flaw in OttoKit Plugin
By Netvora Tech News
A critical vulnerability in the OttoKit plugin, previously known as SureTriggers, is being exploited to gain administrative access to thousands of WordPress sites. The flaw, identified as CVE-2025-27007, has been rated 9.8 out of 10 in severity. OttoKit is an automation platform that connects workflows between websites, applications, and WordPress plugins. According to WordPress.org, over 100,000 active WordPress sites use the plugin.

The vulnerability arises because the plugin fails to adequately verify user login credentials, allowing unauthenticated attackers to establish a connection and elevate their privileges. Security experts at Wordfence have identified two scenarios in which it can be exploited. The first applies to sites that have never enabled an application password or connected OttoKit/SureTriggers to the site via a password; in this case, an attacker can create a new administrator account. The second applies when an attacker has already authenticated to a site and generated an application password. In the observed attacks, attackers are attempting to exploit the first scenario to create a new administrator account. Websites using the plugin are therefore advised to install the available update and check for unknown administrators.

In a similar attack last month, attackers exploited another vulnerability (CVE-2025-3102) in OttoKit/SureTriggers to target websites. Wordfence notes that both vulnerabilities are being used in the current attacks. Version 1.0.83, which addresses the issue, was released on April 21, but according to Wordfence the attacks began on May 2. Statistics from WordPress.org indicate that tens of thousands of sites remain out of date.
- OttoKit plugin vulnerability allows unauthorized attackers to gain administrative access to WordPress sites.
- Over 100,000 active WordPress sites use the plugin.
- Vulnerability rated 9.8 out of 10 in terms of severity.
- Two scenarios identified in which the vulnerability can be exploited.
- Websites using the plugin advised to install available update and check for unknown administrators.
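The two checks the article recommends, updating the plugin and looking for administrators you do not recognise, can be scripted. The following is an added example, not code from the article or from the OttoKit project: it parses a constructed administrator export (shaped like the CSV that WP-CLI's `wp user list --role=administrator --format=csv` produces), flags any account missing from an operator-maintained baseline, and compares the installed OttoKit version numerically against the fixed release 1.0.83 named in the article. The baseline list, the sample accounts and the installed version are all assumptions made for the demonstration.

```python
"""
Added example (not from the article or the OttoKit project): a defender-side
audit that (1) flags administrator accounts absent from a known baseline and
(2) reports whether the installed OttoKit version predates the fixed release
1.0.83 cited in the article. All sample data below is constructed.
"""
from __future__ import annotations

import csv
import io
from dataclasses import dataclass

# Release the article names as addressing CVE-2025-27007.
FIXED_VERSION = "1.0.83"

# Constructed sample export, shaped like `wp user list --role=administrator --format=csv`.
# The third row models an account an attacker might have added; it is made up.
SAMPLE_ADMIN_CSV = """ID,user_login,user_email,user_registered,roles
1,siteowner,owner@example.com,2021-03-04 10:11:12,administrator
7,editor-jane,jane@example.com,2022-08-19 09:00:00,administrator
412,wpadmin_svc,noreply@unknown.example,2025-05-03 02:14:55,administrator
"""

# Baseline of administrators the site operator recognises (assumed, constructed).
KNOWN_ADMINS = {"siteowner", "editor-jane"}


@dataclass(frozen=True)
class AdminAccount:
    user_id: int
    login: str
    email: str
    registered: str


def parse_admin_csv(text: str) -> list[AdminAccount]:
    """Parse a WP-CLI style user export, keeping only administrator rows."""
    reader = csv.DictReader(io.StringIO(text))
    return [
        AdminAccount(int(row["ID"]), row["user_login"], row["user_email"], row["user_registered"])
        for row in reader
        if "administrator" in row["roles"].split(",")
    ]


def find_unknown_admins(accounts: list[AdminAccount], known_logins: set[str]) -> list[AdminAccount]:
    """Return administrator accounts whose login is not on the baseline."""
    return [a for a in accounts if a.login not in known_logins]


def parse_version(version: str) -> tuple[int, ...]:
    """Split a dotted version into integers so '1.0.83' compares greater than '1.0.9'
    (plain string comparison would get this backwards)."""
    return tuple(int(part) for part in version.strip().split("."))


def plugin_is_outdated(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed plugin version is older than the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def audit(admin_csv: str, known_logins: set[str], installed_version: str) -> dict:
    """Run both checks and return the findings as plain data for reporting."""
    accounts = parse_admin_csv(admin_csv)
    unknown = find_unknown_admins(accounts, known_logins)
    return {
        "unknown_admins": [a.login for a in unknown],
        "unknown_admin_registered": {a.login: a.registered for a in unknown},
        "plugin_outdated": plugin_is_outdated(installed_version),
    }


if __name__ == "__main__":
    # Assumed installed version for the demonstration: one release before the fix.
    result = audit(SAMPLE_ADMIN_CSV, KNOWN_ADMINS, "1.0.82")
    for login in result["unknown_admins"]:
        print(f"unknown administrator: {login} (registered {result['unknown_admin_registered'][login]})")
    if result["plugin_outdated"]:
        print(f"OttoKit older than {FIXED_VERSION}: update required")
```

In practice you would feed the script the real export and a baseline kept outside the site (a compromised site could have its user table edited), and treat any unknown administrator, especially one registered around the dates the article gives for the attacks, as an incident to investigate rather than simply delete.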