Hackers exploit a critical WordPress plugin flaw that allows creation of administrator accounts without authentication.

Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs. Two vulnerabilities (one critical) in a WordPress ...

WordPress site owners who use commercial themes provided by ThemeGrill are advised to update one of the plugins that come installed with these themes to patch a critical bug that can let attackers ...

A major update to Yoast SEO fixes a bug that affected the rankings of certain websites. The founder of Yoast, Joost de Valk, personally offered an apology to victims ...

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.

A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites. The plugin in question, known as ...

One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited. Security researchers are warning users of two WordPress plugins – ...

Threat actors are attempting to exploit three critical CVEs from 2024 impacting two popular WordPress plugins, according to Wordfence. The security vendor claimed that the bugs affect the GutenKit and ...

Wordpress plugins are the bane of my existence. Most "designers/developers" try to fill all the business needs with a plugin and wonder why its so hard to manage. While this specific plugin is an ...

A new, dangerous vulnerability in a popular WordPress plugin was recently discovered. Cybersecurity researchers from Wordfence uncovered a flaw in the Elementor plugin that allowed any authenticated ...

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...

A high severity bug found in Facebook's official chat plugin for WordPress websites with over 80,000 active installations could allow attackers to intercept messages sent by visitors to the vulnerable ...