Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites. Malware masquerading itself as an SEO plugin called ...

Users of the popular Yuzo Related Posts plugin are being urged to uninstall the plugin after a flaw was discovered being exploited in the wild – putting tens of thousands of websites at risk. Yuzo ...

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...

WordPress 6.9 will introduce the Abilities API, which enables the development of advanced AI integrations in WordPress sites.

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 ...

WordPress site owners who use commercial themes provided by ThemeGrill are advised to update one of the plugins that come installed with these themes to patch a critical bug that can let attackers ...

For the past two and a half months, a WordPress plugin named Display Widgets has been used to install a backdoor on WordPress sites across the Internet. The backdoor code was found between Display ...

Exploits detected in the Ninja Forms plugin for WordPress, installed on over a million sites, can lead to a complete site takeover if not patched. Wordfence detected a total of four vulnerabilities in ...

King Addons for Elementor, a commercial WordPress plugin that extends the Elementor page builder with extra website builder widgets, templates, and design features, carried two critical-level ...

Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites. If you ...