News
A WordPress privacy plugin opened 115,000 sites to takeover
A WordPress plugin called Burst Statistics, installed on about 200,000 sites and marketed as a privacy-friendly alternative to Google Analytics, has a critical authentication-bypass flaw that lets attackers walk in as the site administrator. Wordfence discovered it on May 8th. A patch shipped May 12. As of about a