Bleeping Computer

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...
ZDNet

I asked ChatGPT to write a WordPress plugin I needed. It did it in less than 5 minutes

Not to put too fine a point on it but I'm more than a little freaked out. As an experiment, I asked ChatGPT to write a plugin that could save my wife some time with managing her website. I wrote a ...
CSO Online

WordPress plugin hole enables account takeover

What makes this now-patched plugin hole especially dangerous is the lack of authentication needed for an attack, which can give the ability to change root/admin passwords.