Critical security flaw could leave over 100,000 WordPress sites at risk

A flaw in TI WooCommerce Wishlist allows threat actors to upload arbitrary files. Since the files can be malicious, they could fully take over a website. A patch is not yet released, so users should take care.