Social Warfare plugin is a popular and widely deployed WordPress plugin with more than 900,000 downloads. It is used to add social share buttons to a WordPress website or blog. Last month, Social Warfare released an updated version 3.5.3 of their plugin to patch two security vulnerabilities. Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take control over WordPress websites. At the time of writing, more than 37,000 WordPress websites out of 42,000 active sites are still using an outdated, vulnerable version of the plugin.
Source: https://thehackernews.com/2019/04/wordpress-plugin-hacking.html