Is this s phishing attempt?

• 

  polargroupservices · Member · Apr 5, 2024 at 2:39 am

  • Copy link
  • Add topic to favorites

  Hello friends,

  Got this email and wanted to share it with you. Please advice.

  Thanks so much, Luis

  —————–

  From: WordPress.org
  Sent: Wednesday, April 3, 2024 8:53 PM
  To: (email visible only to moderators and staff)
  Subject: Immediate Action Needed: Vulnerability detected – Your website conexionpr.org is at risk!

  Dear user

  The WordPress Security Team has detected a high risk vulnerability on your site: conexionpr.org

  The Remote Code Execution (RCE) high risk vulnerability we identified on your site can lead to the execution of malicious code and puts your data, user information and site security at serious risk.

  We advise you to apply the CVE-2024-1564 Patch right away, while we are currently working to address this important security threat in the next WordPress update.

  Click the button below to download the plugin, and then proceed to install and activate it on your site. By doing that, you ensure a hassle-free and secure protection against known risks and malicious actions associated to this vulnerability.
  Download Plugin

  Sincerely
  The WordPress Security Team

  WordPress
  487 Chenery St, San Francisco, CA, 94117

  Unsubscribe

  WP.com: Yes
  Jetpack: No
  Correct account: Yes

  The blog I need help with is: (visible only to logged in users)

• 

  staartmees · Member · Apr 5, 2024 at 5:01 am

  • Copy link

  This is a well-known spam that’s going around for several weeks.

• 

  parkdanil · Member · Apr 5, 2024 at 7:02 pm

  • Copy link

  Yeah, that’s phishing spam.

  Plus, it says WordPress.org and refers to updates and patches. WP.com sites don’t have these flaws.

• 

  polargroupservices · Member · Apr 22, 2024 at 4:39 pm

  • Copy link

  Thanks. I figure that was the case. Just saddens me to know many folks will probably bite the hook. Knowledge is crucial, and common sense.
  Best regards from Puerto Rico, Luis