A popular WordPress plugin was found carrying two flaws that can cause data leaks.

Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow ...

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL-injection attack. A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and ...

Two newly disclosed vulnerabilities in the Avada Builder WordPress plugin have placed around one million sites at risk of ...

A bug discovered in WordPress allows attackers to trigger an SQL injection attack leading to complete website hijacking. The vulnerability was discovered in the WordPress content management system ...

A WordPress plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website's database. The vulnerable plugin's ...

Attackers can exploit a critical SQL injection vulnerability found in a widely used WordPress plug-in to compromise more than 1 million sites and extract sensitive data such as password hashes from ...

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...

Duplicate Page is an open source pluginfor WordPress that does just what you think it will do. It duplicates pages. There are over 800,000 installations of the plugin. It will duplicate pages, posts ...

Popular search engine optimization plugin, SEO by Yoast fixed a blind SQL injection vulnerability yesterday that could be exploited to take control of affected sites. SEO by Yoast, a popular search ...