Million of WordPress websites exposed to the risk of cyber attack due to a critical vulnerability affecting the WP-Super-Cache plugin. The plugin is normally used to improve the performance of the WordPress website because it generates static HTML files from dynamic WordPress blogs. The critical persistent cross-site scripting vulnerability was reported by experts from Sucuri, researcher Marc-Alexandre Montpas explained that attackers can exploit the flaw to inject malicious code into WordPress-published pages that use the extension. Administrators of the plugin urge to upgrade to the plugin to version 1.4.4, which fixes the bug.”]
Source: http://securityaffairs.co/wordpress/35767/hacking/flaw-in-wp-super-cache-plugin.html