CSO Online

WordPress plugin hole enables account takeover

What makes this now-patched plugin hole especially dangerous is the lack of authentication needed for an attack, which can ...
SecurityWeek

Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

Many websites exposed to account takeover due to a critical vulnerability in the email delivery WordPress plugin Post SMTP.
Dark Reading

Critical Site Takeover Flaw Affects 400K WordPress Sites

Attackers are already targeting a vulnerability in the Post SMTP plug-in that allows them to fully compromise an account and ...