ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
ZDNet

Zero-day in WordPress SMTP plugin abused by two hacker groups

Two cyber-security companies providing firewall plugins for WordPress sites have detected attacks abusing a zero-day vulnerability in a popular WordPress plugin. At least two hacker groups have been ...