
Hackers took over 8.7 million WordPress sites in two days, targeting critical vulnerabilities in popular plugins.

In Vulnerabilities
October 28, 2025

This news report, as seen on a Russian-language hacking forum:

A major vulnerability exploitation campaign has hit WordPress sites: attackers are targeting sites running the GutenKit and Hunk Companion plugins, which carry critical vulnerabilities that allow arbitrary code execution on the server. Wordfence, a WordPress security company, recorded 8.7 million attack attempts in just two days, October 8 and 9.

The campaign exploits three vulnerabilities, tracked as CVE-2024-9234, CVE-2024-9707, and CVE-2024-11972. All carry the highest severity rating, CVSS 9.8. The first, CVE-2024-9234, was discovered in the GutenKit plugin (over 40,000 active installations). A flaw in a REST endpoint allows remote installation of any plugin without any authorization.

The other two vulnerabilities, CVE-2024-9707 and CVE-2024-11972, are present in the themehunk-import component of the Hunk Companion plugin, which is installed on approximately 8,000 websites.
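The bug class behind these CVEs is a REST route that performs a privileged action (installing a plugin) without checking who is calling. The following is an added illustration, not code from GutenKit, Hunk Companion or Wordfence: the route names, callbacks and the installer helper are assumptions, while `register_rest_route`, `permission_callback` and the `install_plugins` capability are the real WordPress APIs a plugin author should use.

```php
<?php
// Added example (not the affected plugins' code). Route names, callback and
// example_run_installer() are hypothetical; the WordPress API calls are real.

// Vulnerable pattern: the permission callback accepts every request, so an
// unauthenticated client can trigger a plugin install.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-plugin/v1', '/install', array(
        'methods'             => 'POST',
        'callback'            => 'example_install_plugin',
        'permission_callback' => '__return_true', // no authorization at all
    ) );
} );

// Hardened pattern: require the capability WordPress itself checks before
// installing plugins, and validate the slug before it reaches the installer.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-plugin/v1', '/install-secure', array(
        'methods'             => 'POST',
        'callback'            => 'example_install_plugin',
        'permission_callback' => function () {
            // Administrators only, by default. For cookie-authenticated
            // callers WordPress also requires a valid X-WP-Nonce header,
            // otherwise the request is treated as anonymous and this fails.
            return current_user_can( 'install_plugins' );
        },
        'args' => array(
            'slug' => array(
                'required'          => true,
                'type'              => 'string',
                'sanitize_callback' => 'sanitize_key',
                // Plugin slugs are lowercase letters, digits and hyphens.
                'validate_callback' => function ( $value ) {
                    return (bool) preg_match( '/^[a-z0-9-]{1,64}$/', $value );
                },
            ),
        ),
    ) );
} );

function example_install_plugin( WP_REST_Request $request ) {
    $result = example_run_installer( $request->get_param( 'slug' ) );
    if ( is_wp_error( $result ) ) {
        return $result; // surfaces as a JSON error with the WP_Error status
    }
    return rest_ensure_response( array( 'installed' => $request->get_param( 'slug' ) ) );
}

function example_run_installer( $slug ) {
    // Hypothetical stand-in for the plugin's real install logic
    // (typically a Plugin_Upgrader run); it does no installation here.
    return true;
}
```

When auditing a plugin, grep its `register_rest_route` calls for `__return_true` or a missing `permission_callback` on any route that writes files, installs code or changes options.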

Read more at Exploit.in.