WordPress announced a security update to fix two vulnerabilities that could provide an attacker with the opportunity to stage a full site takeover. Among the two vulnerabilities, the most serious one ...

Today it was disclosed that the popular WordPress contact form called Ninja Forms patched two vulnerabilities, affecting over 1 million WordPress installations. This represents another in a growing ...

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven’t yet applied a recent patch for a critical vulnerability. The vulnerability, located in the platform’s REST API, ...

Attackers are actively exploiting a critical vulnerability in BackupBuddy, a WordPress plug-in that an estimated 140,000 websites are using to back up their installations. The vulnerability allows ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Updates have been released for UpdraftPlus, a WordPress plugin with over 3 million installations, after a vulnerability was discovered by Jetpack security researcher Marc Montpas. Montpas said the ...

Record-number WordPress plugin vulnerabilities are wicked exploitable even with low CVSS scores, leaving security teams blind to their risk. Last year brought forth much more than a Ben ...

A WordPress plug-in could potentially allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. This poses a potential risk to those who use WordPress for e-commerce. Dr.

WP Fastest Cache, a WordPress plugin currently in use by over 1 million users that assists in more efficiently delivering their websites, is addressing a security issue with its 1.2.2 release. This ...

A security flaw in the Motors WordPress theme has been disclosed that could allow logged-in users with minimal privileges to gain full control of affected websites. The issue involves an arbitrary ...

A vulnerability within two widely used WordPress plugins is already being exploited by hackers, putting millions of WordPress sites at risk, according to a computer security firm. The plugins are ...