Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
(bleepingcomputer.com)
1.
2.
Critical Kirki flaw exploited to hijack WordPress admin accounts
(bleepingcomputer.com)
3.
WordPress plugin with 900k installs vulnerable to critical RCE flaw
(bleepingcomputer.com)