A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline. The vulnerability, ...

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...

The United States Government Vulnerability Database and WordPress security researchers published alerts of WordPress plugin vulnerabilities. Among those plugins, nine of the most popular plugins ...

The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting ...

An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials. Attackers were spotted targeting ...

The U.S government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations. Many of the vulnerabilities ...

Threat actors are actively exploiting a security bug in Elementor Pro, a popular WordPress plugin used by over 11 million websites. The security bug allows authenticated users like shop customers or ...