Bleeping Computer

Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users

Last night the web site for the WordPress Multilingual Plugin (WPML) WordPress plugin was hacked and users of the plugin started receiving receiving emails stating that the plugin is filled with ...
heise online

WordPress: 1 million websites use vulnerable plugin WPML

IT security researchers have discovered a critical vulnerability in the WordPress plug-in WPML. Authenticated attackers can use it to infiltrate malicious code from the web. An update closes the leak ...
Searchenginejournal.com

WordPress Translation Plugin Vulnerability Affects +1 Million Sites

A critical vulnerability was discovered in the WPML WordPress plugin, affecting over a million installations. The vulnerability allows an authenticated attacker to perform remote code execution, ...
CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.