Patch this WordPress plugin bug, thousands of site owners warned

The Wordfence Threat Intelligence team has discovered two separate vulnerabilities in a popular WordPress plugin used to change how download pages are displayed. The plugin in question is called WordPress Download Manager and it has been installed on over 100,000 sites according to WordPress.org. The first vulnerability can be exploited...