From thehackernews.com
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites.
“This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could trick a site’s administrator into performing an action, such as clicking on a link,” WordPress security company Wordfence said in a report published last week.