Bleeping Computer

Vulnerability in AMP for WP Plugin Allowed Admin Access to WordPress

A vulnerability for the very popular AMP for WP WordPress plugin with a 100 thousand active installations allows any registered user to escalate their privileges to gain administrative access to the ...
TechRadar

Millions at risk as popular WordPress database plugin is targeted by hackers — here's what WordPress site owners need to know

A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline. The vulnerability, ...
ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
Bleeping Computer

WordPress migration add-on flaw could lead to data breaches

All-in-One WP Migration, a popular data migration plugin for WordPress sites with 5 million active installations, suffers from unauthenticated access token manipulation that could allow attackers to ...
Searchenginejournal.com

Essential WordPress Plugins Every Site Should Have

WordPress is the most popular content management system in the world, arguably because of its ability to become virtually any kind of website users want it to be. This flexibility is made possible by ...
TechRadar

LiteSpeed Cache plugin for WordPress has a critical security vulnerability

A new flaw was found, granting threat actors full access to vulnerable websites. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Security ...
SiliconANGLE

New PhishWP plugin harvests credit card data and OTPs from legitimate sites

A report released today by phishing protection company SlashNext Inc. warns of a dangerous new WordPress plugin that is being used by cybercriminals to turn legitimate websites into phishing traps.