WordPress plugin with over a million installs may have a worrying security flaw - here's what we know

A critical WordPress plugin flaw allows threat actors to run arbitrary PHP commands, potentially taking over entire websites.
Bleeping Computer

WordPress Plugin Bugs Let Hackers Wipe or Takeover Your Site

Critical bugs found in the WordPress Database Reset plugin used by over 80,000 sites allow attackers to drop all users and get automatically elevated to an administrator role and to reset any table in ...
Hosted on MSN

Another major WordPress add-on security flaw could affect 10,000 sites - find out if you're affected

King Addons plugin had two critical flaws enabling full WordPress site takeover Bugs allowed unauthenticated file uploads and privilege escalation via registration endpoint Users must update to ...