TechRadar

This popular WordPress security plugin has a worrying flaw which exposed user data

WordPress plugin flaw let low-privileged users access sensitive server files and credentials CVE-2025-11705 affects plugin versions 4.23.81 and earlier; patch released October 15 About 50,000 sites ...
TechRadar

Thousands of WordPress websites hacked via plugin looking to steal user data

Hackers found installing malicious plugins on already compromised WordPress sites When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. A new variant ...
Bleeping Computer

Hackers abuse WordPress MU-Plugins to hide malicious code

Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection. The technique was first observed by security ...