Hackers can now take over WordPress sites instantly using a simple plugin flaw ...

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...

A tainted version was pushed as an update to more than 800,000 active websites.

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...

A severe vulnerability in the widely used Forminator WordPress plugin has been disclosed, exposing websites to the risk of arbitrary file deletion and potential site takeover. The flaw, which affects ...

WordPress security plugin discovered to have two vulnerabilities that could allow a malicious upload, cross-site scripting and allow viewing of contents of arbitrary files. All-In-One Security (AIOS) ...

Do you host your own WordPress website? Do you use the popular All in One SEO Pack plugin? If so, you need to update the plugin as soon as possible to the latest version. The All in One SEO Pack ...

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...

WordPress is one of the most widely-used Content Management Systems on the planet. With over 43% of websites using the platform, it’s no surprise that it has a target on its back. That not only means ...