Bleeping Computer

Severe SQL Injection Flaw Discovered in WordPress Plugin with Over 1 Million Installs

A WordPress plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database. The vulnerable plugin's ...
Infosecurity-magazine.com

High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...