The latest warning on a major security risk comes on the topic of a very simple WordPress plug-in which, if a user is willing and only slightly skillful, may be used to take over websites created by other users. In order to stay safe, the version of the plug-in you own must not be older than version 2.0.22.
The vulnerability in the plug-in has only recently been discovered and even though it was quickly fixed with the update, users were not unaffected by this vulnerability. This very popular plug-in is used by site administrators to put social sharing buttons into articles or comments. And yes, those include the most popular ones such as Facebook and Twitter.
Security researchers have discovered that this enables users who create a new account to access settings designed for administrators in ways that this plug-in was not created to do and thus, this allows them to take over other websites and other tools on the web. Since this plug-in has been downloaded more times than WordPress has been aware of, it goes to show that the effects of it have been affecting a greater number of websites than it was at first presumed.
It is important to note that sufficient warnings have been issued and every user who keeps its application up to date should be safe from any serious attacks and consequences, thanks to the security experts who reacted promptly and created an appropriate updated version of the plug-in.