via pluginvulnerabilities.com => original post link
For some time, we have been seeing a hacker probing for the usage of various WordPress plugins with known vulnerabilities across numerous websites. Many of those vulnerabilities have been SQL injection vulnerabilities. Over the weekend we saw them looking for usage of the WordPress plugin Gift Voucher. That isn’t surprising considering that there is an unfixed SQL injection vulnerability that was publicly disclosed by Tenable on March 22. What is surprising is that the plugin is still available in the WordPress Plugin Directory as of now:
[Read more]