Over a million WordPress sites hit in plugin flaw — here's what we know

A popular WordPress plugin was found carrying two flaws that can cause data leaks.
Threat Post

More than 1 Million WordPress Sites Open to SQL Injection Attacks

More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and in turn, total site takeover. More than one million WordPress sites ...
Bleeping Computer

Severe SQL Injection Flaw Discovered in WordPress Plugin with Over 1 Million Installs

A WordPress plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database. The vulnerable plugin's ...
Bleeping Computer

WP Automatic WordPress plugin hit by millions of SQL injection attacks

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term ...
Infosecurity Magazine

Avada Builder Flaws Expose One Million WordPress Sites

Two newly disclosed vulnerabilities in the Avada Builder WordPress plugin have placed around one million sites at risk of ...
TechSpot

WordPress plugin vulnerability poses severe security risk, allows for site takeovers

In a nutshell: Many WordPress plugins are designed to enhance the content management system's ability to quickly and easily share content from almost anywhere on the internet. But one popular ...