200K WordPress Sites Exposed to Takeoker Attacks by Plugin Bug

A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. […]

This post appeared first on Bleeping Computer
Author: Sergiu Gatlan