DuckDuckGo responds to recent criticism saying the third-party tracking scripts it blocks will now include scripts from Microsoft.
WordPress proposal takes aim at improving security and performance of third party plugins
Reflected XSS vulnerability was patched in Anti-Malware Security and Brute-Force Firewall WordPress Plugin
A Remote Code Execution Vulnerability discovered in the Elementor Website Builder plugin that can lead to full site takeover
Advanced Custom Fields plugin patched a Missing Authorization vulnerability that allows an attacker to view database information
Fight back against increased cyber attacks with these free tools and resources
UpdraftPlus WordPress Plugin vulnerability potentially compromised over 3 million installations
Critical Arbitrary Code Execution Vulnerability rated 9.8 on a scale of 1 – 10 is actively being exploited by hackers
1+ Million WordPress sites affected by vulnerabilities that could lead to remote code execution attacks
All In One SEO Plugin patched SQL Injection vulnerability that could expose privileged database information
The vulnerability, listed as CVE-2021-44228 in Apache Log4j Security Vulnerabilities, enables remote attackers to take control of an affected system.
WordPress plugin by the makers of Astra Theme patched an XSS vulnerability that can lead to total site takeover and attacks on site visitors
WordPress Plugin OptinMonster Vulnerability exposes publishers to full site takeover and threat of malicious downloads
Smash Balloon Social Post Feed WordPress plugin vulnerability exposes over 200,000 websites to Stored XSS vulnerability
WordPress Ninja Forms vulnerability can lead to a full site take over and phishing scams
Two vulnerabilities in the Gutenberg Template Library & Redux Framework plugin have been discovered to be vulnerable. Over 1 million sites are affected
WooCommerce announced a patch for a critical vulnerability that is rolling out as a forced update. Publishers urged to check if updated
Website Optimization Plugin Autoptimize contains a Stored XSS vulnerability. A patch has been released to fix the problem.
Two Brainstorm Force addon plugins for Elementor were discovered to have vulnerabilities affecting over a million websites.
Two exploits affecting the popular Facebook for WordPress plugin can lead to a total site takeover and malicious backdoors
Stored Cross-site Scripting Vulnerability on WordPress page builder plugin Elementor can enable a full site takeover
Authenticated Remote Code Execution Vulnerability Discovered in WP Super Cache. Although low severity it’s recommended all users update now.
Zero Day total site takeover exploit discovered in popular WordPress plugin for Elementor page builder