200K WordPress Sites Exposed to Takeoker Attacks by Plugin Bug

By GIXnews

A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. […]

Source:: BleepingComputer