Thousands of websites run buggy WordPress plugin that allows complete takeover

All versions are susceptible, there's no patch, so now's a good time to remove this add-on

Miscreants have reportedly scanned almost 1.6 million websites in attempts to exploit an arbitrary file upload vulnerability in a previously disclosed buggy WordPress plugin.…

from The Register