Attackers Exploit Recently Discovered Vulnerability in OttoKit WordPress Plugin

Attackers are exploiting a recently discovered vulnerability in the OttoKit plugin for WordPress, just hours after its public disclosure. This vulnerability, listed under the code CVE-2025-3102 with a CVSS score of 8.1, allows an attacker to create malicious administrator users when the plugin is not properly configured. The OttoKit plugin, formerly known as SureTriggers, is the target of this exploitation.