The latest articles on DEV Community by Leland Dieno (@lelanddieno). https://dev.to/lelanddieno https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1253011%2Fda681c60-8069-46cf-952e-0c9202786a87.jpg https://dev.to/lelanddieno en Leland Dieno Wed, 10 Jan 2024 17:16:28 +0000 https://dev.to/lelanddieno/wordpress-scam-plugin-being-sent-to-site-owners-1l2e https://dev.to/lelanddieno/wordpress-scam-plugin-being-sent-to-site-owners-1l2e <p>Hey everyone,</p> <p>Most of you probably already know about this, but several of my clients received the below email. Turns out this is a fake URL (looks legit to the average person) and its a malicious plugin.</p> <p>Dear user<br> The WordPress Security Team has identified a critical vulnerability on the website: CLIENTSWEBSITE.COM</p> <p>The Remote Code Execution (RCE) vulnerability identified on your site is classified as a critical threat, potentially allowing malicious code execution and putting your data, user details, and overall site security at risk.</p> <p>We advise you to apply the CVE-2024-46188 Patch immediately, while we are working on fixing this critical security concern in the next WordPress version.</p> <p>Simply download the plugin by clicking the button below, install and activate it on your site. This guarantees prompt and trouble-free defense against potential exploits and malicious actions linked to this vulnerability.</p> <h1> wordpress </h1> <h1> scams </h1> <h1> maliciouscode </h1>