A critical security flaw in one of WordPress’s most popular plugins has left over 4 million websites vulnerable to potential hacking attempts.
The Really Simple Security plugin, formerly known as Really Simple SSL, contains an authentication bypass vulnerability that could allow attackers to gain full administrative access to affected sites.
https://cybersecuritynews.com/wordpress ... erability/