On May 2, 2025, a critical vulnerability in the OttoKit: All-in-One Automation Platform (formerly SureTriggers) plugin was added to the Wordfence vulnerability database, allowing unauthenticated attackers and those with a valid application password to gain admin access. Exploitation began the same day, with mass attacks starting May 4, resulting in over 2,400 blocked attempts. Users are advised to update to the patched version 1.0.83 if not already applied. Indicators of compromised sites include suspicious admin account creation patterns. Wordfence customers received protection immediately, while free users will get it by June 1, 2025.
Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation
