Second OttoKit Vulnerability Exploited to Hack WordPress Sites

A second vulnerability has been discovered in the OttoKit WordPress plugin, and threat actors are actively exploiting it to compromise websites. Site administrators are urged to update to version 1.0.83, which fixes the flaw. (Affected: OttoKit WordPress plugin)

Key points:

  • The OttoKit plugin, with over 100,000 installations, enables task automation for WordPress websites.
  • Recent attacks exploit CVE-2025-27007, a critical flaw (CVSS score 9.8) that grants unauthenticated access.
  • The flaw is in the plugin's 'create_wp_connection()' function, which fails to properly verify that the caller is authenticated.
  • Exploitation is only possible on sites that have never used a WordPress application password and have never connected OttoKit through one.
  • Once a connection is established, attackers can create administrator accounts and take over the site.
  • Site owners are advised to update OttoKit to version 1.0.83, which patches both this flaw and the earlier OttoKit vulnerability.
  • Defiant (the company behind Wordfence) has published indicators of compromise to help administrators detect exploitation attempts.
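
The two facts an administrator needs in order to prioritise sites are the installed OttoKit version and whether the exploitation precondition above applies. The script below is an added example, not code from the article, from the OttoKit developers or from Wordfence; it runs over a constructed inventory (hypothetical hosts and versions) and classifies each site. The version comparison is done numerically on purpose: a plain string compare puts "1.0.83" before "1.0.9" and would wrongly mark a vulnerable build as patched. The `app_passwords_ever_used` flag is an assumption standing in for both preconditions (no application password ever used, no OttoKit connection ever made through one); on a live install, `WP_Application_Passwords::is_in_use()` reports whether any application password has ever been created on the site.

```python
"""Triage OttoKit exposure across an inventory of WordPress sites.

Added example; not code from the page or from the OttoKit/Wordfence teams.
Input is a constructed inventory: for each site, the installed OttoKit
version and whether the site has ever used a WordPress application
password (the exploitation precondition the advisory describes).
"""
from __future__ import annotations

PATCHED_VERSION = "1.0.83"  # fixed release named in the advisory


def parse_version(v: str) -> tuple[int, ...]:
    """Split a dotted version into integers so 1.0.83 sorts after 1.0.9.

    A plain string comparison gets this wrong ("1.0.83" < "1.0.9"), which
    is exactly the mistake that lets a vulnerable site pass a naive check.
    Non-digit suffixes such as "1.0.83-beta" are ignored.
    """
    parts = []
    for piece in v.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_vulnerable(version: str) -> bool:
    """True when the installed OttoKit build predates the fixed release."""
    return parse_version(version) < parse_version(PATCHED_VERSION)


def triage(site: dict) -> str:
    """Classify one site.

    'exploitable': vulnerable build AND application passwords never used,
                   so the unauthenticated path applies; update immediately
                   and hunt for rogue administrator accounts.
    'update'     : vulnerable build but the precondition is not met; the
                   flaw is still present, so update anyway.
    'patched'    : 1.0.83 or later.
    """
    if not is_vulnerable(site["ottokit_version"]):
        return "patched"
    if not site["app_passwords_ever_used"]:
        return "exploitable"
    return "update"


# Constructed inventory for the example (hypothetical hosts, not real sites).
SAMPLE_SITES = [
    {"host": "blog.example", "ottokit_version": "1.0.82", "app_passwords_ever_used": False},
    {"host": "shop.example", "ottokit_version": "1.0.9", "app_passwords_ever_used": True},
    {"host": "docs.example", "ottokit_version": "1.0.83", "app_passwords_ever_used": False},
    {"host": "wiki.example", "ottokit_version": "1.1.0", "app_passwords_ever_used": False},
]


def triage_all(sites=SAMPLE_SITES) -> dict[str, str]:
    """Map each host in the inventory to its triage verdict."""
    return {s["host"]: triage(s) for s in sites}


if __name__ == "__main__":
    for host, verdict in triage_all().items():
        print(f"{host:<14} {verdict}")
```

The "update" bucket exists because the precondition only limits who can reach the flaw today; a site that later clears its application passwords, or is restored from an old backup, would become exploitable without any change to the plugin.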

Read More: https://www.securityweek.com/second-ottokit-vulnerability-exploited-to-hack-wordpress-sites/