A WP Mobile Detector vulnerability is being exploited in the wild. The plugin has now been removed from the WordPress repository.