A widespread and ongoing malicious advertising campaign is exploiting several recently-disclosed WordPress plugin vulnerabilities to redirect website visitors to booby-trapped landing pages.
Researchers at Wordfence said that they recently discovered bad actors injecting code into websites with the vulnerable plugins in order to display unwanted popup ads, as well as redirect site visitors to tech support scam pages, malicious Android APKs and sketchy pharmaceutical ads.