During a routine audit of our Website Firewall (WAF), we found a critical vulnerability affecting the popular MainWP Child WordPress plugin. According to worpdress.org, it is installed on more than 90,000 WordPress sites as as remote administration tool. We contacted the MainWP team last week and they patched the vulnerability in version 2.0.9.2 last Friday.
more here.......http://blog.sucuri.net/2015/03/security-advisory-mainwp-child-wordpress-plugin.html
more here.......http://blog.sucuri.net/2015/03/security-advisory-mainwp-child-wordpress-plugin.html