Summary: The Wordfence Threat Intelligence team discovered vulnerabilities in the Advanced Access Manager plugin installed on over 100k sites. Critical vulnerabilities found in the Quiz and Survey Master plugin were found in 30k+ WP sites using the vulnerable version. Thousands of sites broke after updating to WordPress 5.5 due to deprecated support for jQuery Migrate. A botnet campaign named Fritzfrog was discovered breaching SSH servers dating back to at least January 2020.
