TechRadar

WordPress plugin auth bypass exploited almost immediately after disclosure

Almost immediately after being disclosed to the public, a vulnerability in a WordPress plugin was used in an attack, security researchers have warned. Wordfence revealed an authentication bypass in ...
Bleeping Computer

Security plugin flaw in millions of WordPress sites gives admin access

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...