The week beginning 2nd October 2017, developers of the WordFence plugin have found 3 plugins that had vulnerabilities in their code. This allowed malicious attackers to completely takeover websites where these 3 plugins were installed.
The 3 plugins that have been compromised are:
1. Appointments by WPMU Dev.
2. Flickr Gallery by Dan Coulter.
3. RegistrationMagic-Custom Registration Forms by CMSHelpLive.
Over 20,000 sites use these plugins and are potentially at risk, however all of these plugins have been patched to fix this issue in version 2.2.2 of the Appointments plugin by WPMU Dev, version 1.5.3 of the Flickr Gallery plugin by Dan Coulter and fixed in version 18.104.22.168 of the RegistrationMagic_Custom Registration Forms plugin by CMSHelpLive.
If your site has any of these plugins, our advice would be to either uninstall these plugins from your site immediately and use another plugin instead, or perform a clean installation of the latest version of the plugin so that these vulnerabilities have been fixed.