Wordfence Threat Announcement – OptinMonster plugin

Today, October 27th, the Wordfence Threat Intelligence Team published details of a vulnerability in the OptinMonster plugin that affects over 1,000,000 WordPress sites. The vulnerability lets any site visitor export sensitive information and add malicious JavaScript to a WordPress site. 

You can find out which versions of the plugin are affected, how to protect yourself against this vulnerability, and all the technical details on the Wordfence Blog.