20K WordPress Sites Exposed by Insecure Plugin REST-API

Vulnerabilities Web Security

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.
Source: Threatpost.com