The WordPress plugin was being used to capture user actions when they visited a Webpage, & was installed on over 500,000 Websites.
Severe vulnerabilities patched in Facebook for WordPress Plugin – zdnet.com
Two severe vulnerabilities have been patched in the Facebook for WordPress Plugin. On December 22, the cybersecurity researchers privately disclosed a critical vulnerability to the vendor which has been issued a CVSS severity score of The vulnerability, described as a PHP Object injection, was found in the run_action() function of the software.
Link: Severe vulnerabilities patched in Facebook for WordPress Plugin
via www.zdnet.com