[WordPress Security] PSA: Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin

From: Wordfence <list_at_wordfence.com>
Date: Fri, 1 Dec 2023 12:33:22 -0800

Plugin adds a malicious administrator and downloads a separate backdoor granting total control over the site before phoning home.

Wordfence-Logo.png (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw5H3prCCW6N1vHY6lZ3pcV1hw_G9k65gSW3NvWXj3JRm5_W2rNMHs7pWj7HW3YXvvN45mLQFW5sNBzv3g3MSsW3g60Tr2_5v_QN4xyr2SnCPXJVrB54S5ZY1-KW16h63H4kJP2WW48rtCB61lnvsW75m55S5S5rqNW12dQ-25JNxTJW5GsKqC5bxSCvW8wFwMg3fjfccW21X84w4XpY0jN42xQ5Pp6rrmW3WJNwd7d27-mTYpyq70KYrtN92ngclFHswnW5CwKmM7crvqjW85kRJw26ZjZxW5nh69k7kc4G_f26Dcpg04 )

PSA Fake CVE (1) (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw545m_5PW5BWr2F6lZ3ldV7dKPR674vfrW3mWPy96pjX1WW9gXQCJ85ZY1MW82vnHZ5V57WBW4YchGq4KsHzVW23RvvN6gFbXzN8_bf7C71LXLW8vMrGP5R38gkW7HWQ_Y3F4-KBW5KM7GF6_x_Q8W4cYf3m5Q-r9KW3ps6T-6LpsgHW6HRRkm4SrSWcW8fDqZ83dwdLMW7_xSKg8S5kjMW7yFGyQ7GTPq1W7M7l4c7DhtyHN15n09L-k0SMW7KzpSW7FWzWhVjGsF93Q_Yj1W3SyB9n4ry8d8VxxLH726wjXBW1JnBdq5VPnz5W2r4B_-3x4M2hW7rJwTc6jczSVW6YK9VJ5M15HzN8lflnBrVLXDW7w_2QR2kFKFnW5-_Hvs1mBqwDW754w1r50NPPVW4fGjKR1nFML-V8b1Xp4Qdj_GV3Tdgz4rzd7VVgbRX-8Gw482f2s9PMj04 )

The Wordfence Threat Intelligence Team has recently been informed of a phishing campaign targeting WordPress users. The Phishing email claims to be from the WordPress team and warns of a Remote Code Execution vulnerability on the user’s site with an identifier of CVE-2023-45124, which is not currently a valid CVE. The email prompts the victim to download a “Patch” plugin and install it.

phishing email (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw545m_5PW5BWr2F6lZ3ldV7dKPR674vfrW3mWPy96pjX1WW9gXQCJ85ZY1MW82vnHZ5V57WBW4YchGq4KsHzVW23RvvN6gFbXzN8_bf7C71LXLW8vMrGP5R38gkW7HWQ_Y3F4-KBW5KM7GF6_x_Q8W4cYf3m5Q-r9KW3ps6T-6LpsgHW6HRRkm4SrSWcW8fDqZ83dwdLMW7_xSKg8S5kjMW7yFGyQ7GTPq1W7M7l4c7DhtyHN15n09L-k0SMW7KzpSW7FWzWhVjGsF93Q_Yj1W3SyB9n4ry8d8VxxLH726wjXBW1JnBdq5VPnz5W2r4B_-3x4M2hW7rJwTc6jczSVW6YK9VJ5M15HzN8lflnBrVLXDW7w_2QR2kFKFnW5-_Hvs1mBqwDW754w1r50NPPVW4fGjKR1nFML-V8b1Xp4Qdj_GV3Tdgz4rzd7VVgbRX-8Gw482f2s9PMj04 )

CONTINUE READING ON THE BLOG
(https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw545m_5PW5BWr2F6lZ3ldV7dKPR674vfrW3mWPy96pjX1WW9gXQCJ85ZY1MW82vnHZ5V57WBW4YchGq4KsHzVW23RvvN6gFbXzN8_bf7C71LXLW8vMrGP5R38gkW7HWQ_Y3F4-KBW5KM7GF6_x_Q8W4cYf3m5Q-r9KW3ps6T-6LpsgHW6HRRkm4SrSWcW8fDqZ83dwdLMW7_xSKg8S5kjMW7yFGyQ7GTPq1W7M7l4c7DhtyHN15n09L-k0SMW7KzpSW7FWzWhVjGsF93Q_Yj1W3SyB9n4ry8d8VxxLH726wjXBW1JnBdq5VPnz5W2r4B_-3x4M2hW7rJwTc6jczSVW6YK9VJ5M15HzN8lflnBrVLXDW7w_2QR2kFKFnW5-_Hvs1mBqwDW754w1r50NPPVW4fGjKR1nFML-V8b1Xp4Qdj_GV3Tdgz4rzd7VVgbRX-8Gw482f2s9PMj04 )

The Download Plugin link redirects the victim to a convincing fake landing page at 'en-gb-wordpress[.]org':

landingpage (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw545m_5PW5BWr2F6lZ3ldV7dKPR674vfrW3mWPy96pjX1WW9gXQCJ85ZY1MW82vnHZ5V57WBW4YchGq4KsHzVW23RvvN6gFbXzN8_bf7C71LXLW8vMrGP5R38gkW7HWQ_Y3F4-KBW5KM7GF6_x_Q8W4cYf3m5Q-r9KW3ps6T-6LpsgHW6HRRkm4SrSWcW8fDqZ83dwdLMW7_xSKg8S5kjMW7yFGyQ7GTPq1W7M7l4c7DhtyHN15n09L-k0SMW7KzpSW7FWzWhVjGsF93Q_Yj1W3SyB9n4ry8d8VxxLH726wjXBW1JnBdq5VPnz5W2r4B_-3x4M2hW7rJwTc6jczSVW6YK9VJ5M15HzN8lflnBrVLXDW7w_2QR2kFKFnW5-_Hvs1mBqwDW754w1r50NPPVW4fGjKR1nFML-V8b1Xp4Qdj_GV3Tdgz4rzd7VVgbRX-8Gw482f2s9PMj04 )

If the victim downloads the plugin and installs it on their WordPress site, the plugin is installed with a slug of wpress-security-wordpress and adds a malicious administrator user with the username wpsecuritypatch. It then sends the site URL and generated password for this user back to a C2 domain: wpgate[.]zip. The malicious plugin also includes functionality to ensure that this user remains hidden. Additionally, it downloads a separate backdoor from wpgate[.]zip and saves it with a filename of wp-autoload.php in the webroot. This separate backdoor includes a hardcoded password that includes a file manager, a SQL Client, a PHP Console, and a Command Line Terminal, in addition to displaying server environment information:

backdoor (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw545m_5PW5BWr2F6lZ3ldV7dKPR674vfrW3mWPy96pjX1WW9gXQCJ85ZY1MW82vnHZ5V57WBW4YchGq4KsHzVW23RvvN6gFbXzN8_bf7C71LXLW8vMrGP5R38gkW7HWQ_Y3F4-KBW5KM7GF6_x_Q8W4cYf3m5Q-r9KW3ps6T-6LpsgHW6HRRkm4SrSWcW8fDqZ83dwdLMW7_xSKg8S5kjMW7yFGyQ7GTPq1W7M7l4c7DhtyHN15n09L-k0SMW7KzpSW7FWzWhVjGsF93Q_Yj1W3SyB9n4ry8d8VxxLH726wjXBW1JnBdq5VPnz5W2r4B_-3x4M2hW7rJwTc6jczSVW6YK9VJ5M15HzN8lflnBrVLXDW7w_2QR2kFKFnW5-_Hvs1mBqwDW754w1r50NPPVW4fGjKR1nFML-V8b1Xp4Qdj_GV3Tdgz4rzd7VVgbRX-8Gw482f2s9PMj04 )

This allows attackers to maintain persistence through multiple forms of access, granting them full control over the WordPress site as well as the web user account on the server.

Indicators of Compromise:

- A ‘wp-autoload.php’ file in the webroot with a SHA-256 hash of ffd5b0344123a984d27c4aa624215fa6452c3849522803b2bc3a6ee0bcb23809
- A plugin with a slug of ‘wpress-security-wordpress’
- A hidden administrative user with a username of ‘wpsecuritypatch’
- The following malicious domains:

- en-gb-wordpress[.]org
- wpgate[.]zip

Conclusion

In today’s PSA, we warned of a phishing campaign targeting WordPress users intended to trick victims into installing a malicious backdoor plugin on their site.

Our telemetry indicates that no Wordfence users are currently infected, and we have added the malicious administrator user to our known malicious usernames. Additionally, we are currently in the process of testing malware signatures to detect both the malicious plugin and the separate backdoor, which will be released to Wordfence Premium (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3ktW2xc-sh38-9LrN8rdbsCWMJ99W8BvPNF7fS9jSW43495J2Z1D_kW7wTq7l1bg-NhW7Zhx_b91QhdzW2y5VM146ZnsDW6N5R545sX6NRN5-z8fTQYlKHW7X47H863PdLcW5Sfryp89-cFwW9dZmwX7XxPHJW1Pzdwh6-P-zZW61FnB32ll_DYW1lczcf7jh9BMW72JJ0n72fYBGW8Dz7Gh6mFhjRW5YDxMs48SxBZW4X0WYS2sYZcgW57zGs87m-9gnN8qVcz4xT-VkW7nCMTG8hw3w3N90FWZ_4CXkwW83G33q5pcYd5W3mt1Dv7HpfBCW7xYs7y8fLKyWf1Gn-L604 ) , Wordfence Care (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3lpW8r0kFp3_nYs_W8_Gz8X4vWFTWW4xkTY85dFqWRW8d9Y4R12C-BZN3GqhDDxCc1sVl5hRW2wS8yLW6BB0Kq8MrcDlW6rNr-25TSF76W21X7P54s9z2XW2sWVFL1kBN-TW7ZQ0L34C3M6tW4crPz724GQmxW6VqY2w6fhMdFW1Wjk6W1Qjr9yW6MWDvH83S2lzW5GT7X34rgm5vN5KDHrd2CtzzW3KgXLx7LMJRyW7Y1FZn4xM1SnW8JQnRY6LL4C8W1_d6QT8gf2L9N8vJQKmPkLJZW5Tc8292cKDysN4LZW9_cHQzpW46Hf4K223QL4W4Z_Bsk1ntwsvf4V7gzx04 ) , Wordfence Response (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3mWN5GHYS2cn0SjW3LLlDR5fwD7TW6gLVyn4yWfSJW5sQ6Jf5-NMG2W3J7wfj5zWLnHV1ZfJk5QTNFMW4BRbYX1YsRGLW2TTGXb79fGj1W8HFKJF8fbv7mW3SjvSD6yT2lbW5-8hNf3L1TlqW3Krt4L3MYPkDW7GsLzS42Xk7tW6TLzsB47XhcBVnCx2Z8Bt13BVwXzqF4n6C7vW2xMZNx4gjxQTW39_wpM1HL0hYN5q39rC_zzK5W2NF0Jl7RxB78W20BCLs8MYY1vW5xM70T2zwNBSW2Cwx3k87qs-8W6_mF0P8x2LgVW6sMF-g4yTfCTW6YNHH53jHxgKf7XY32804 ) , and paid Wordfence CLI (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3npW4fQvTC7NltbLW5-Dgzp8w-LjbVw7HlR8PZ36zW7BPQ6B46hrWZW6sv_H66CrmcKW7CpT_x1Drzz4W4kmkHz3bnV7-W8L454N6bqg2XW8Cj98y7DpD1sW5SttFc7ysBlQW1d2nqG4cQMJxW63fGTY8qfD96W8qvD6M6jzlTsW3W8JHB8XZs24W1NM4n64QVGb4W5nXJqv8S-nMjN7BzmkRbj-z9W3LFZl68RGWccN2k3lrfbFdMNMRcnPng-BzDN3sS-CXXxKFmW3mDt8N1qqcFZW2XP8Y54FvDdvW1tgqWg5NN3jrW3648hs9d48bVW5R2BbR58MSZ-f34fNj404 ) users as soon as possible. Wordfence free users will receive the same signatures 30 days later.

We will release a deep-dive analysis of the malicious plugin and separate ‘wp-autoload.php’ backdoor in a future post. For the time being, be on the lookout for this phishing email and do not click any links, including the Unsubscribe link, or install the plugin on your site. If you have friends or acquaintances with WordPress sites, please forward this advisory to them to ensure that they do not install this malicious plugin.

Did you know that Wordfence has a Bug Bounty Program (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3pGW5rRDdJ4rYQypN5gVpwy3l1K2W5xW3fB6v48fmW6rCG1t4tMNmRW5-LX-822hkBvW1YQC0d62GhzFW4Rgdj03mckC2W6K_Y5H2jQf6XW8gLT9s6k5PdVW3zmcxG49jKf5W7Zm32F4j-fdbW6NWYdn8Rkd3wN5SnflX7-h7gW9hJy0B5hSgJ8N7ZdJ4-gNVjvW4bsK7X1mwzFtW3bXz4K7-xQQbW3yZrTR4Wm4z1W56r9ns2y5-B-V69jB83yK3GgW8MQ-bK6zD7S0W44n-8L4JVpDSW8V-cvZ8bvTnkW34hpbk7hcqZnW67p2_N7JPd4kW1NkP-b75_DZ9dHgn7K04 ) ? We’ve recently increased our bounties by 6.25x until December 20th, 2023, with our bounties for the most critical vulnerabilities reaching $10,000 USD! If you’re an aspiring or current vulnerability researcher, click here to sign up (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3mbW7dmsb_7VX0J6W9jplY_7g-fjDW7gr2841kSxPpW6ppyr9464j-nW78lhwV1Fhlt0W99fbw55fcl7RW5yBQXS81bLQdW1qy8Zm8bpdsHW9j0sfs53sGKLW35Vcpv4JtVxpW48rXqX5C7st7W72P9KH7_d8ZyW3V7wDB5TWKX2W4mr_648-djLNW3lk2vt4gFF3-VrSH4f6fZsHVW8lcyzy1b7WKFW6Wccg_6RCJv7W4zXm0K52-gygVDwX304Q_WS9N5kghb08KV1lW8mzlmv2krZKFN4Dqxq4L2cH7W7yYLNB6GtgCNW6dvMh-6KNwrSW9603dy6s4yyHf3qcPKd04 ) .

The Full Product Lineup

wf-stacked-free-1 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3mpW5D-QRV61CP0SVl15wn52CqRKW7JwyFM2q4-G3W4FRpLV73xsM0W8k5JDL1b68hYW7xmgYK5lrsRkW3FF2MQ3Q6thYW7n9lM753RSNKV7TBN78S_DQfW183HxN8HP7G8W7VZP5J8s5yHfW8mKmVF39tq1DW722FmN3VCBL6VwxH-m2MXVd-W39ZjHk1krD7yW5ZMJNG3XZwgYW2rzk_f8GVckgVFZr0d1jqmtHW3h74pg8S9dWcW3d92xS8jGwMQW3JWWzm8tVPbhN33Xx1vM2MnCW8ld5yj2ywrG7W91VX3G5F-XkHVQmtn15smZx8W5z8TCw1TPSN2f4sD75z04 )

wf-stacked-premium-1 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3nCN7TjYztpDbn8W5S6bpP3tMMyJW2nlLsM7WF312W1v0V0d2zW8PsW6dgWpg24lLHkW5Bd1Wv2CDv8NVhBc6D7gk23QN6LB2hyVtcYQW6T_w0y2FzQlqW5mhCLq7mNy8NN2jVxwKjgxFFW6wQXFQ3XTd4ZV4KPcG3PSD3_Vg7jWD5lhVRfW5zzC5v7VJhzRW4D6fbY5MyHm-W4S-BC08nsCjTN5C1K2FrkVRVN4C3X09jTlq-W94lNRK96hr9FW4QQWJC4jDm93W1t5M-03BvFqCW77W_gb7r_91XW2SPx7Z5ML3N5W3CpDqx2z94XnW9j0f2j3FshCMf25PFHC04 )

wf-stacked-care-3 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3pSN1WwK9Hhs5hrW4WfjR37RZFXHW6TvSVF2xcTH3W2D79jr8JSRj6W5kPW7_8S8h3HW36Z58R8C3_tDVvGMRG4zngytW5fqv5X7zPygSW2sC0R88Mmq-GW6x9-tB2NrCxWN5H5zXK5lZ27W7sBnWj1JVY8rW772DwZ8H3Q1wW1HjtVS17lFnZN6DVWfGrzw33W8Jw1Jz3Yw5xbW2TCLqY2mSlgcW72kfm76v2RWPW12fkDr5zK5z1W40GwRN8kB5H2W63tJwn4fX41pW9lRbFZ3XGWqVW1Zv1P73_YTHNW56B40b5GLdXvVzDmtL35NQyqW6DCXYN7TXylBf8DMrKW04 )

wf-stacked-response-2 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3mWN5GHYS2cn0SjW3LLlDR5fwD7TW6gLVyn4yWfSJW5sQ6Jf5-NMG2W3J7wfj5zWLnHV1ZfJk5QTNFMW4BRbYX1YsRGLW2TTGXb79fGj1W8HFKJF8fbv7mW3SjvSD6yT2lbW5-8hNf3L1TlqW3Krt4L3MYPkDW7GsLzS42Xk7tW6TLzsB47XhcBVnCx2Z8Bt13BVwXzqF4n6C7vW2xMZNx4gjxQTW39_wpM1HL0hYN5q39rC_zzK5W2NF0Jl7RxB78W20BCLs8MYY1vW5xM70T2zwNBSW2Cwx3k87qs-8W6_mF0P8x2LgVW6sMF-g4yTfCTW6YNHH53jHxgKf7XY32804 )

wf-stacked-cli (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw6g3prCCW7Y8-PT6lZ3npW4fQvTC7NltbLW5-Dgzp8w-LjbVw7HlR8PZ36zW7BPQ6B46hrWZW6sv_H66CrmcKW7CpT_x1Drzz4W4kmkHz3bnV7-W8L454N6bqg2XW8Cj98y7DpD1sW5SttFc7ysBlQW1d2nqG4cQMJxW63fGTY8qfD96W8qvD6M6jzlTsW3W8JHB8XZs24W1NM4n64QVGb4W5nXJqv8S-nMjN7BzmkRbj-z9W3LFZl68RGWccN2k3lrfbFdMNMRcnPng-BzDN3sS-CXXxKFmW3mDt8N1qqcFZW2XP8Y54FvDdvW1tgqWg5NN3jrW3648hs9d48bVW5R2BbR58MSZ-f34fNj404 )

wf-stacked-intelligence (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw5-3prCCW7lCdLW6lZ3kTW1smDQG4BR28fW2fCR1w3_C0glW5_dww86vRQP_W5PqV8s146870W61sBvs1cs-jcF5sRPwYDLglVGG9pw5n9wXnVd3qZC4Cd25bV3vw0R3d0QrnW9jvl_98VrMzLW4p4Mk561dBzfW5MDYRc8TkG7sVGpRZM1C5XYQW2bhYBH4mvjnGW1Tnblw73_K63W4fDkDz10Q5X2W3j_9dc2hdDwVW5Zxw4r6qbYzQVky1YC2HZWd4VswN1l5t80f4W9hWGNm4SQw1xN5y1jHM689hsW2lzfNy19NqLnW1PBggC1yL1f_f7Fg1Mx04 )

logo-defiant (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw5H3prCCW6N1vHY6lZ3nhN5yCFxRJsN_vW7kfRVz3v1z3cW8w1K7s3V71SpW3N0-8B9gmxDhW75j3G26BN6mLW1M3Mqz1B9Z29W4VRDtF6w9tMxW460tJw6jXWs9W88Yckj1FGJ8cW888jVQ8Bf5n-W46CVZl1WkBY4W705j9D1Ss7vkW7W4YXp2t44VFW3mq5B95tmtJWW5TnLRv5TrxLjW5bw_Yw6rhq94W2J6whG40DPshW1L-JC966W0nMW6NJHJW6dSSP4W50hYQW5NNMl1W8VMYtJ7gx4vcW6dLnRX7YgwLrf1S4f6s04 )

Defiant, Inc., 1700 Westlake Ave N STE 200

Seattle, WA 98109 United States

Unsubscribe (https://email.wordfence.com/hs/manage-preferences/unsubscribe-all?languagePreference=en&d=Vn9bTK892TtnVsxx1M3JN_XyW41Rcn-4h29fmN6J4V3XmWFdgW7QtyYC5hkY8bV25y7Q7dF4NHN7QJJwmX1gKbN6Mym0TXk_7QVbw2Zj1rfjRXW343V4Q1THCG_w1kbPtZhzV2&v=3&_hsenc=p2ANqtz-8RmHN7T7hWeSvaCu07EbVYtCUpPf_e850e5t6LiVwppuu5G3xmVo1hiUbGGA7Tr2eS7QggWHgy2Vgtl0_t_VB0hrh8cA&_hsmi=284873809 ) Manage Preferences (https://email.wordfence.com/hs/manage-preferences/unsubscribe?languagePreference=en&d=Vn9bTK892TtnVsxx1M3JN_XyW41Rcn-4h29fmN6J4V3XmWFdgW7QtyYC5hkY8bV25y7Q7dF4NHN7QJJwmX1gKbN6Mym0TXk_7QVbw2Zj1rfjRXW343V4Q1THCG_w1kbPtZhzV2&v=3&_hsenc=p2ANqtz-8RmHN7T7hWeSvaCu07EbVYtCUpPf_e850e5t6LiVwppuu5G3xmVo1hiUbGGA7Tr2eS7QggWHgy2Vgtl0_t_VB0hrh8cA&_hsmi=284873809 )

ISO_27001 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VWW6Gy3bVSpzW7wP_zM4NwKHFW5b9Bvk56xM0jN3cFw5H3prCCW6N1vHY6lZ3q1W50pVGx5qmRWQW1g6zS45Hpv6FW1kwbj45Mrrf7W3hyC-77HyHMjW38GHv07FN6jPW8GR57T8cY8RKW3w_xD291TT3NVhNWB65bJt5HW4NfRVX2mGHRyW8JGpKC7dGGNmW5Q0gDV6GjBzcW5XCZT64yXYj4W34l1-J1D9rgjN3FCKTq3qW3CW2d4k868s9lv1W8-k5Zf2RzkGNVY1qZp5ksrwTW8_Rr9J9kQqGGW7t-3bp9c-PzmW6-dXK01-KJjVW8_z9DF818x4_W4C2y9B13g_q-f2YKgVT04 )

You're receiving this email because you signed up to the Wordfence WordPress security mailing list.
Received on Fri Dec 01 2023 - 21:33:26 CET

This archive was generated by hypermail 2.3.0 : Fri Dec 01 2023 - 21:43:17 CET