The security team at WordPress has taken advantage of a powerful, but rarely used, feature in the content management platform to force an update to a popular plug-in across the entire user base. Loginizer, with more than a million installations, was updated after researchers found a critical vulnerability that could have allowed an attacker to take control of a site through SQL injection techniques.

Read full article on Dark Reading