A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. […]
Advertise on IT Security News.
Read the complete article: 200K WordPress Sites Exposed to Takeoker Attacks by Plugin Bug