Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to TakeoverBy rooter / December 15, 2023 Attackers can inject and execute arbitrary PHP code using a flaw in Backup Migration, which has been downloaded more than 90K times.
