via blog.sucuri.net => original post link
On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators.
WordPress sites owners had started receiving emails from WordPress.com with the following message:
“The WordPress Security Team has discovered a Remove Code Execution (RCE) vulnerability on your site, which allows attackers to execute malwares and steal your data, user details and more …”