A critical vulnerability has been identified in a WordPress plugin installed across more than 80,000 websites. 

Discovered by researchers at security firm Wordfence, the bug is present in WordPress plugin wpDiscuz (versions 7.0.0 to 7.0.4), used by administrators to integrate a comments section into their websites.

Source Article