Bleeping Computer

WordPress plugin bug impacts 1M sites, allows malicious redirects

The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. Tracked as CVE-2021-39341, ...
Infosecurity-magazine.com

Major WordPress Plugin Flaw Exploited in Under 4 Hours

A critical vulnerability in the WordPress plugin SureTriggers has exposed thousands of websites to remote attacks, allowing unauthenticated users to create administrative accounts. SureTriggers ...