From latesthackingnews.com
Heads up, WordPress admins! Numerous security vulnerabilities were discovered in the ProfilePress WordPress plugin that could allow for complete site takeovers!. patches are out, if affected make sure you update your site with the latest plugin version.