Hackers are exploiting a critical zero-day flaw in the WordPress plug-in Fancy Product Designer. Because a patch has not yet been released, the team urges users to uninstall the vulnerable plug-ins. The flaw allows remote code execution before attempting a full site takeover. The vulnerability is compatible with multiple platforms, a security analyst at Defiant Inc. says. Defiant says it’s working with the plugin-in’s developer to mitigate the flaw and is working with him to mitigate it.”]
Source: https://www.cuinfosecurity.com/uninstall-now-critical-wordpress-plug-in-flaw-exploited-a-16785