image credit: Pixabay

WordPress Yellow Pencil Plugin Flaws Actively Exploited

April 12, 2019


The maker of a WordPress plugin, Yellow Pencil Visual Theme Customizer, is asking all users to immediately update after it was discovered to have software vulnerabilities that are being actively exploited.

The attacker exploiting these flaws has been behind several other recent plugin attacks these past few weeks, researchers said.

A visual-design plugin which allows users to style their websites, Yellow Pencil has an active install base of more than 30,000 websites. However, the plugin was discovered to have two software vulnerabilities which are now under active exploit.

Read More on Threat Post