A security vulnerability was discovered in a plugin for WordPress websites called WP Security Audit Log. This vulnerability allowed people outside the website to take control of the website without the owner’s knowledge. The vulnerability was fixed with the release of version 1.2.5 of the plugin.