A recently revealed critical security vulnerability affecting OttoKit (previously known as SureTriggers) has begun to be actively exploited within hours of its public announcement.
The flaw, identified as CVE-2025-3102 (CVSS rating: 8.1), is an authorization bypass issue that may allow a malicious actor to establish admin accounts under specific circumstances, gaining control over vulnerable websites.
“The