ZDNet

WordPress plugin vulnerabilities affect 20 million downloads

A new vulnerability in WordPress plugin WPTouch highlights a series of recent discoveries that critically affect active plugins downloaded and used by millions of WordPress bloggers. If you're a ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
TechRadar

This WordPress plugin security flaw could put millions of websites at risk - find out if you are affected

A popular plugin for the Wordpress website builder with more than two million active installs carried a severe flaw which allowed threat actors to steal sensitive data from visitors and, in some cases ...
TechRadar

WordPress plugin auth bypass exploited almost immediately after disclosure

Almost immediately after being disclosed to the public, a vulnerability in a WordPress plugin was used in an attack, security researchers have warned. Wordfence revealed an authentication bypass in ...
ZDNet

Publication of PoC in popular WordPress plugin leads to scans for vulnerable sites

Attackers are scanning for WordPress sites running a vulnerable version of a popular plugin that may allow them to take over sites and servers. The vulnerability affects "Duplicator," a WordPress ...
Searchenginejournal.com

Vulnerabilities in 17+ Elementor Add-on Plugins for WordPress

Wordfence security researchers discovered that virtually every plugin tested that adds functionality to Elementor had a vulnerability. Many of the contacted plugin publishers updated their plugins but ...