CleanTalk WordPress Plugin Vulnerability Threatens Up To 200K Sites

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.
Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...

Internet Archive's Wordpress Plugin Brings Dead Links Back to Life

If you run your website with Wordpress, you can automatically bring dead links back to life. One plugin is all it takes.
Infosecurity Magazine

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.