A high-severity vulnerability exists in a popular WordPress plugin, Code Snippets. The plugin allows users to run small chunks of PHP code on their websites. This can be used to extend the functionality of the website (essentially used as a mini- plugin) The flaw (CVE-2020-8417) has been patched by the plugin s developer. Security experts urge users to update to the latest version of the plugin, which has a wide install base of 200,000 websites.
Source: https://threatpost.com/200k-wordpress-sites-vulnerable-to-plugin-flaw/152415/