WordPress Plugin Flaws Are Exploitable

Vulnerabilities in several WordPress plugins have been exposed. Updates are available to address flaws in the following plugins – Duplicator, Flexible Checkout Fields for WooCommerce, Profile Builder, ThemeGrill Demo Importer, Async JavaScript, 10Web Map Builder for Google Maps, and Modern Events Calendar Lite plugins. Attackers have also been exploiting a vulnerability in ThemeREX Addons; there is currently no update available to address this flaw, and users are urged to remove the plugin from their sites.

Hence it is essential to ensure your themes and plugins are up to date.