Insights / Threat Intelligence

What we are seeing right now.

Active CVE Feed / Last 60 days
Severity
CVE
Plugin / Theme
Impact
OwlEye Response
CRITICAL
CVE-2025-4322
Motors Theme (≤ 5.6.67)
Unauthenticated password reset → admin takeover.
Virtually patched at edge WAF within 28 minutes of disclosure; all affected estates force-rotated.
CRITICAL
CVE-2025-32873
OttoKit / SureTriggers (≤ 1.0.78)
Authentication bypass on REST automation endpoints.
Blocked pre-disclosure by generic REST auth-header rule; retroactive audit found zero exposure.
CRITICAL
CVE-2024-10924
Really Simple Security (≤ 9.1.1.1)
Authentication bypass — full admin takeover.
Virtually patched across all OwlEye estates within 41 minutes of disclosure.
HIGH
CVE-2025-6018
GiveWP (≤ 3.16.1)
Unauthenticated PHP object injection via donation form.
Payload signatures deployed; all donation endpoints hardened with allowlist deserialization.
HIGH
CVE-2025-3439
Elementor Pro (≤ 3.25.4)
Stored XSS via template import allowing session hijack.
Sanitizer patch pushed same-day; template imports quarantined pending review.
HIGH
CVE-2024-50550
LiteSpeed Cache (≤ 6.5.0.2)
Privilege escalation via weak hash check.
Mitigated at edge WAF; affected sites force-rotated all session tokens.
HIGH
CVE-2024-44000
LiteSpeed Cache (debug log exposure)
Account takeover via leaked session cookies.
Egress filtering deployed; debug log paths globally blocked.
MEDIUM
CVE-2025-2011
WPForms (≤ 1.9.2.1)
Authenticated CSRF allowing arbitrary form deletion.
Origin & referer policy enforced at proxy layer; no customer impact observed.
MEDIUM
CVE-2024-43917
TI WooCommerce Wishlist
SQL injection in product metadata.
Generic SQLi rule already blocked all observed payloads pre-disclosure.
Showing 9 of 9 entries

Campaigns under active observation.

Active Campaign

Operation Balada

Target
Activity
3.4M attempts last 60 days
Active Campaign

WP-VCD Resurgence

Target
Activity
1.2M attempts last 60 days
Active Campaign

REST API Enumeration

Target
Activity
18.7M requests last 60 days
Active Campaign

SocGholish Fake Update

Target
Activity
742K attempts last 60 days
Active Campaign

XML-RPC Credential Spray

Target
Activity
24.1M requests last 60 days
Active Campaign

Sign1 Malware Wave

Target
Activity
890K attempts last 60 days