A popular WordPress plugin, Automatic (premium version), developed by ValvePress, has been found to harbor critical security vulnerabilities that put over 40,000 websites at risk. This plugin, known for its capability to create posts from various sources, including YouTube, Twitter, and virtually any website through scraping modules, has been identified as a gateway for potential cyber-attacks due to these flaws.
Source: GBHackers