Zero-day in popular WordPress plugin exploited in the wild to take over sites

Attacks started around three weeks ago and are still going on. Users should update the WP GDPR Compliance plugin to version 1.4.3 to protect their sites.