The critical vulnerability allows attackers to read arbitrary emails, including password reset messages.
The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.