https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure/ > Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. > Users are strongly recommended to upgrade to the latest version of OttoKit/SureTriggers, currently 1.0.79, released at the beginning of the month.