An Email from WordPress.com – Is it legit?
-
Hi,
Can you tell me if the following email is by you or if it’s spam?
Here is a screenshot of the headers: https://take.ms/ZYb0r
Here is the full message:“Dear user,
The WordPress Security Team has identified a Remote Code Excecution (RCE) vulnerability on your site, that allows attackers to execute malwares and risk your data, user informations and more.As we work on addressing this critical security concern in the next WordPress update, we urge you to urgently use the CVE-2023-45124 Patch, a plugin launched by the WordPress Team.
All you have to do is just download, install and activate the plugin, to ensure a quick and easy-going protection of your website’s security against the possible exploits and malicious activities linked with this vulnerability.
Download Plugin
Sincerely,
The WordPress Team”
It would be of great help if you provide me with an answer as soon as possible.Thank you very much!
The blog I need help with is: (visible only to logged in users)
-
That’s clearly scam as you can see in those headers and has nothing to do with wordpress.com.
-
Just had this one too. On the face of it it looks legit, but the incoming email looks a bit odd as if this was an issue I’m sure it would be easier for WordPress to release an update rather than an email.
- The topic ‘An Email from WordPress.com – Is it legit?’ is closed to new replies.
WordPress.com Forums 