The 4 WordPress flaws hackers targeted the most in Q1 2025

Published on: 2025-05-27 02:29:27

A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. All four flaws are vulnerabilities discovered and fixed in 2024 but remain unpatched in many cases, giving hackers the opportunity to execute arbitrary code or exfiltrate sensitive data. Among the four flaws, which are all critical severity, are two that are reported as actively exploited for the first time.

According to a new Patchstack report, the four flaws that received the most exploitation attempts are:

CVE-2024-27956: A critical SQL injection flaw in the WordPress Automatic Plugin (40,000+ installs) allowed unauthenticated attackers to run arbitrary SQL via the auth POST parameter in the CSV export feature. Wallarm first reported active exploitation of this flaw in May 2024. Patchstack says its virtual patch blocked over 6,500 attacks this year so far. (fixed in 3.92.1)

...