{"id":223984,"date":"2025-10-25T04:14:38","date_gmt":"2025-10-25T09:14:38","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/10\/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins"},"modified":"2025-10-25T04:14:38","modified_gmt":"2025-10-25T09:14:38","slug":"hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/10\/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins","title":{"rendered":"Hackers launch mass attacks exploiting outdated WordPress plugins"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins.jpg\"><\/a><\/p>\n<p>A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE).<\/p>\n<p>WordPress security firm <a href=\"https:\/\/www.wordfence.com\/blog\/2025\/10\/mass-exploit-campaign-targeting-arbitrary-plugin-installation-vulnerabilities\/\" target=\"_blank\" rel=\"nofollow noopener\">Wordfence says<\/a> that it blocked 8.7 million attack attempts against its customers in just two days, October 8 and 9.<\/p>\n<p>The campaign expoits three flaws, tracked as CVE-2024\u20139234, CVE-2024\u20139707, and CVE-2024\u201311972, all rated critical (CVSS 9.8).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). WordPress security firm Wordfence says that it blocked 8.7 million attack attempts against its customers in just two days, October 8 and 9. The campaign [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1492],"tags":[],"class_list":["post-223984","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/223984","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=223984"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/223984\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=223984"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=223984"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=223984"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}