Another vulnerability has been exploited in the OttoKit plug in.

Hackers have begun to exploit another vulnerability in the popular WordPress plug in OttoKit. The exploit allows an attacker to elevate their access privileges by bypassing the security protocols. A patch for this vulnerability has been deployed already.

Read more:

https://www.securityweek.com/second-ottokit-vulnerability-exploited-to-hack-wordpress-sites/