An advisory was issued for three WordPress file management plugins that are affected by a vulnerability that allows unauthenticated attackers delete arbitrary files. The three plugins are installed in ...
WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing ...
An attacker bought 30+ WordPress plugins (Essential Plugin portfolio) on Flippa for six figures, planted a PHP deserialization backdoor in August 2025, then activated it eight months later to serve ...
A new report about the state of WordPress security called attention to the hidden threat posed by premium plugins and to the fact that hackers are increasingly exploiting vulnerabilities before many ...
A hot potato: WordPress plugins can significantly expand the native capabilities of the popular content management system, but they can also become a double edged sword. When malicious code finds its ...
More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them. A malicious actor planted the backdoor ...
The dispute between WordPress founder Matt Mullenweg and hosting provider WP Engine continues, with Mullenweg announcing that WordPress is “forking” a plug-in developed by WP Engine. Specifically, ...
WordPress users warned as millions of attacks reported. Updated October 29 with a correction to the WordPress attack statistics: the correct number is 1.6 million attacks in 48 hours. WordPress ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results