Vulnerability Discovered in BetterLinks Plugin < 2.0.4
https://www.wordfence.comBetterLinks WordPress plugin has 300,000+ active installations, the plugin provides an easy method of redirecting requests to another page on your site or elsewhere on the web . In versions prior to 2.0.4, there is a vulnerability that allows unauthenticated users to update redirects for the site allowing an attacker to redirect all site traffic to an external malicious site. In addition, there were several remaining flaws that made it possible for authenticated users to perform actions like installing and activating plugins, in addition to less critical actions.
The issue has been fixed in Version 1.x.x which is available now from the WordPress Plugin Repo.