OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
CVE-2025-27007 exploited in OttoKit WordPress plugin before v1.0.83 enables admin creation without authentication.
More info