WordPress-powered sites backdoored after FishPig suffers supply chain attack

And two other security snafus in this web publishing world

It's only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites....