Threat Actor Selling WordPress 0-Day RCE Exploit for $15,000

Threat Actor: Unknown | Unknown
Victim: WordPress | WordPress
Price: $15,000
Exfiltrated Data: Not specified

Additional Information:

  • The threat actor is selling a zero-day vulnerability tailored for a WordPress 0-day Remote Code Execution (RCE) exploit.
  • The exploit is claimed to work on a very famous WordPress plugin.
  • The threat actor is avoiding providing detailed information about the exploit being offered for sale.
  • The price for this illicit access is set at $15,000.

In a concerning turn of events, a threat actor has allegedly sale of a zero-day vulnerability tailored explicitly for a WordPress 0-day Remote Code Execution (RCE) exploit.  The actor has claimed that it works on a very famous plugin of WordPress. Also, actor is avoiding providing detailed information about this exploit being offered for sale. Furthermore, the threat actor has established price for this illicit access at $15000.

Original Source: https://dailydarkweb.net/threat-actor-offers-wordpress-0-day-rce-exploit-for-sale-at-15000/