ALERT: ThemeREX Addons - Remote Code Execution (0day, Being Exploited)

ThemeREX plugin has serious loopholes and should be temporarily disabled. If you do not do so, the site could be taken over completely. Details about the gap can be found here:

https://www.wordfence.com/blog/2020/02/zero-day-vulnerability-in-themerex-addons-plugin-exploited-in-the-wild/