WP-Super-Cache - Critical Vulnerability, Be sure to upgrade
As many as 1 million sites imperiled by dangerous bug in WordPress plugin
As many as a million websites could be imperiled by a critical vulnerability recently discovered in WP-Super-Cache, a WordPress plugin that generates static HTML files from dynamic WordPress blogs.
The persistent cross-site scripting bug allows attackers to insert malicious code into WordPress-published pages that use the extension, according to a blog post published Tuesday by security firm Sucuri. Anyone who relies on the plug in should immediately upgrade to version 1.4.4, which has fixes for that bug and several others.