Critical Authentication Flaw Impacts Both Free and Pro Users. A widely deployed five-in-one security plugin for WordPress websites contained a flaw that hackers could automate into a large-scale takeover campaign. The critical authentication bypass vulnerability takes advantage of a now-patched flaw in the Really Simple Security plugin.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/wordpress-plugin-vulnerability-threatens-4-million-sites-a-26843
