A WordPress plug-in installed in more than 1 million websites that was vulnerable to high-severity bugs has been patched. The vulnerabilities in the OptinMonster Plug-in, which helps customers create sales campaigns, would have allowed attackers to export sensitive information and add malicious pieces of code or JavaScript to all affected WordPress sites. American Express, ClickBank, Pinterest, Experian, Trip Advisor and Harvard University are among those using the plug-ins. The fix-in has now been released by Wordfence.”]
Source: https://www.cuinfosecurity.com/wordpress-plug-in-bugs-put-1-million-plus-sites-at-risk-a-17822