bleepingcomputer.com – Security researchers have detected a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files without authentication.

Tweeted by @aidaakl https://twitter.com/aidaakl/status/1547962012654718983