WordPress Supply Chain Attack Spreads Across Multiple Plug-Ins

Injected malicious JavaScript code gives attackers administrator rights on websites, and fills sites with SEO spam.