CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.
TechRadar

Another top WordPress plugin found carrying critical security flaws

Researchers from Patchstack find two new flaws in Fancy Product Designer The Radykal-built WordPress plugin has more than 20,000 active users The flaws allowed for remote code execution, arbitrary ...