Vulnerabilities & CVEs
Spiffy Calendar SQL Injection Lets Hackers Hijack WordPress Databases
A straightforward SQL injection in Spiffy Calendar plugin opens doors for database dumps and site takeovers. Thousands of WordPress installs could be vulnerable—time to check yours.