"Hackers Target WordPress Database Plugin Active on 1 million Sites"
"Hackers Target WordPress Database Plugin Active on 1 million Sites"
Security researchers at Wordfence have discovered malicious activity targeting a critical severity flaw in the "Better Search Replace" WordPress plugin in the past 24 hours. Better Search Replace is a WordPress plugin with more than one million installations that helps with search and replace operations in databases when moving websites to new domains or servers. The plugin vendor, WP Engine, released version 1.4.5 last week to address a critical-severity PHP object injection vulnerability tracked as CVE-2023-6933.