Bleeping Computer

Security plugin flaw in millions of WordPress sites gives admin access

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...
HotHardware

Alarming WordPress Plugin Security Flaw Leaves 2M Sites Vulnerable To Attack

A WordPress plugin with over 2 million active installations left its users open to an alarming security flaw. The popular Advanced Custom Fields (ACF) plugin by WP Engine allows WordPress admins to ...
Searchenginejournal.com

WordPress Security Plugin Vulnerability Affects +1 Million Sites

WordPress security plugin discovered to have two vulnerabilities that could allow a malicious upload, cross-site scripting and allow viewing of contents of arbitrary files. All-In-One Security (AIOS) ...