It’s a scary bug, but it’s fixable. If your WordPress page uses Code Snippets, you should update the plugin right away—especially before adding or running any new code to your site. You can ...

A critical security issue found in the Ad Inserter WordPress plugin currently installed on over 200,000 websites allows authenticated attackers to remotely execute PHP code.

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers.