Bleeping Computer

200K WordPress Sites Exposed to Takeover Attacks by Plugin Bug

A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the ...
Searchenginejournal.com

WordPress Vulnerability Hits +1 Million Using Header & Footer Plugin

Vulnerability discovered in WordPress plugin is the second one found so far this year Cross-Site Request Forgery (CSRF) Vulnerability could allow deletion of files More than 1 Million active ...
Bleeping Computer

Critical Bugs in WordPress Plugins Let Hackers Take Over Sites

Hackers are attempting to take over tens of thousands of WordPress sites by exploiting critical vulnerabilities including a zero-day in multiple plugins that allow them to create rogue administrator ...