Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild

The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and irresponsibly, disclosed by a security researcher that same day. The vulnerability, which allows stored cross-site scripting (XSS), is now being exploited in the wild. These … Continue reading Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild