Zero-day vulnerability in WordPress YellowPencil Visual CSS Style Editor plugin actively exploited.

https://blog.nintechnet.com/zero-day-vulnerability-in-wordpress-visual-css-style-editor-plugin-actively-exploited/