Critical SSTI Flaw in WPML Plugin Exposes Millions of WordPress Sites to RCE Attacks
This vulnerability allows authorized users to inject and execute malicious code through the plugin’s shortcode feature, potentially leading to data theft and website takeover.