Millions of WordPress sites have been left vulnerable by a scripting flaw found in two popular plugins, one of which is present in the default installation of the blogging platform, reports Computer World.The two plugins are JetPack and Twenty Fifteen, the first of which is a customization and performance tool, and the latter is a theme designed to allow infinite scrolling. Twenty Fifteen is installed into new WordPress sites as a default, multiplying the number of potential targets.
Read on, source: Millions of WordPress sites left vulnerable by plugin flaw