Security News Hackers exploit WordPress plugin Post SMTP to hijack admin accounts BleepingComputer Daniel Bender 04 Nov 2025 Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
