Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-post-smtp-to-hijack-admin-accounts/
BleepingComputer
npub1pk…z6763
2025-11-04 21:47:05 UTC
Author Public Key
npub1pkrnqz97z2wckgmwglckccgg65eanvw3wpvuses7npqlvv6st06svz6763Seen on
wss://relay.momostr.pinkPublished at
2025-11-04 21:47:05 UTCEvent JSON
{
"id": "291e670b6af5c2e3500ff5be7eb24d72f74e615431708383ee64d309b23f1d5a",
"pubkey": "0d873008be129d8b236e47f16c6108d533d9b1d17059c8661e9841f633505bf5",
"created_at": 1762292825,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@BleepingComputer/115493622587129151",
"web"
],
[
"proxy",
"https://infosec.exchange/users/BleepingComputer/statuses/115493622587129151",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/BleepingComputer/statuses/115493622587129151",
"pink.momostr"
],
[
"-"
]
],
"content": "Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.\n\nhttps://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-post-smtp-to-hijack-admin-accounts/",
"sig": "c82e485ce75a14fc80b6535da4d3e7d01d2068c29792afacefa55e6e86247ac487ee13aef4de7f266e0f426511c05bf127a0de096c7e79a7141f48a87b82bd12"
}