{"id":211118,"date":"2025-04-11T01:18:04","date_gmt":"2025-04-11T06:18:04","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/04\/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure"},"modified":"2025-04-11T01:18:04","modified_gmt":"2025-04-11T06:18:04","slug":"hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/04\/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure","title":{"rendered":"Hackers exploit WordPress plugin auth bypass hours after disclosure"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure.jpg\"><\/a><\/p>\n<p>Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure.<\/p>\n<p>Users are strongly recommended to upgrade to the latest version of OttoKit\/SureTriggers, currently 1.0.79, released at the beginning of the month.<\/p>\n<p>The <a href=\"https:\/\/suretriggers.com\/\" target=\"_blank\" rel=\"nofollow noopener\">OttoKit WordPress plugin<\/a> allows users to connect plugins and external tools like WooCommerce, Mailchimp, and Google Sheets, automate tasks like sending emails and adding users, or updating CRMs without code. Statistics <a href=\"http:\/\/wordpress.org\/plugins\/suretriggers\/#description\" target=\"_blank\" rel=\"nofollow noopener\">show<\/a> that the product is active on 100,000 websites.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. Users are strongly recommended to upgrade to the latest version of OttoKit\/SureTriggers, currently 1.0.79, released at the beginning of the month. The OttoKit WordPress plugin allows users to connect plugins and external [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,1492],"tags":[],"class_list":["post-211118","post","type-post","status-publish","format-standard","hentry","category-robotics-ai","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/211118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=211118"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/211118\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=211118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=211118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=211118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}