WordPress Autoptimize Plugin Vulnerability Affects +1 Million Sites
Website Optimization Plugin Autoptimize contains a Stored XSS vulnerability. A patch has been released to fix the problem.
WordPress Ultimate Addons for Elementor Vulnerability Affects +1 Million
Two Brainstorm Force addon plugins for Elementor were discovered to have vulnerabilities affecting over a million websites.
Facebook for WordPress Plugin Vulnerability Targets +500,000 Sites
Two exploits affecting the popular Facebook for WordPress plugin can lead to a total site takeover and malicious backdoors
WordPress Elementor Vulnerability Affects +7 Million
Stored Cross-site Scripting Vulnerability on WordPress page builder plugin Elementor can enable a full site takeover
WP Super Cache Vulnerability Affects Over 2 Million Sites
Authenticated Remote Code Execution Vulnerability Discovered in WP Super Cache. Although low severity it’s recommended all users update now.
The Plus Addons for Elementor Critical Vulnerability
Zero Day total site takeover exploit discovered in popular WordPress plugin for Elementor page builder
Contact Form 7 Vulnerability in +5 Million Sites
A serious vulnerability was patched in Contact Form 7 that allows attackers to upload malicious scripts.
WordPress Redux Plugin Vulnerability Affects +1 Million Sites
Redux Gutenberg Blocks Library & Framework, with over 1 million active users, patched a CSRF vulnerability
WordPress Easy WP SMTP Plugin Vulnerability
Popular WordPress plugin with over 500,000 active installations was recently patched to fix an exploit that grants hackers complete control.
WordPress Ultimate Member Plugin Vulnerability
Ultimate Member WordPress plugin issued a patch for three critical and severe exploits that grant attackers total control of a site.
Loginizer WordPress Vulnerability Affects +1 Million Sites
Popular WordPress security plugin Loginizer patched two security issues, including a SQL Injection.
WP Bakery WordPress Vulnerability Affects Millions of Sites
WP Bakery Page Builder WordPress plugin vulnerability affects over 4 million sites.
Divi WordPress Theme Vulnerability
Critical vulnerability discovered in Elegant Themes Divi and Extra Themes as well as in the Divi Builder WordPress plugin.
All in One SEO Pack Vulnerability – New Exploit
Researchers discovered a vulnerability in All in One SEO Pack. Exploit could allow a total takeover of a WordPress website.
Google Site Kit WordPress Plugin Vulnerability
Critical vulnerability discovered in Google Site Kit WordPress plugin.
Elementor Pro Critical Vulnerability
Critical vulnerabilities in Elementor Pro allows hacker control of website
WordPress Vulnerability Update
WordPress issued a security update to fix 7 vulnerabilities
Ninja Forms Plugin Vulnerability
Ninja Forms WordPress Plugin patches a high severity vulnerability.
Critical Vulnerability in Rank Math SEO Plugin
A critical vulnerability was discovered in Rank Math SEO Plugin that allows an attacker to escalate privileges.
Elementor Page Builder Plugin Vulnerability
Elementor WordPress Page Builder contains a vulnerability.
WPS Hide Login Updated to Fix Vulnerability
WPS Hide Login contains a vulnerability that can cause it to reveal the secret admin login page.
WordPress Divi Theme Code Injection Vulnerability
Elegant Themes announced a code injection vulnerability. Update now to protect against it.
Critical Vulnerability Strikes WordPress Ad Inserter
Ad Inserter WordPress plugin was discovered to have a critical vulnerability. Ad Inserter immediately fixed the issue. Users are recommended to update their plugin.
Web Host Vulnerability Discovered at iPage, FatCow, PowWeb, and NetFirm
A vulnerability was discovered and patched at four popular web hosts. Customers are urged to scan for malware.
Vulnerability Reported in All in One SEO Pack
WPScan Vulnerability Database reports that the All in One SEO Pack plugin has a cross-site scripting vulnerability.
Yoast SEO 9.1 Vulnerability Explained
Yoast SEO 9.1 SEO Manager Role Vulnerability Explained
Critical Drupal Core Vulnerability – Upgrade Now
Drupal.org announced a critical core vulnerability that allows attackers to exploit multiple attack vectors on a site. Full details on what to do next.
Millions of WordPress Websites Affected By Plugin Vulnerability
Web security firm Sucuri has reported on the discovery of a WordPress plugin vulnerability affecting any site that uses the genericons package. At this time,...
Vulnerability Found in Latest Versions of WordPress, Patch Now Available
A new comment XSS exploit vulnerability, being called “Zero Day”, has been found in the latest versions of WordPress: 4.2, 4.1.2, 4.1.1, and 3.9.3. The...
Critical Vulnerability Found In Popular WordPress Newsletter Plugin
Web security firm, Sucuri, found a critical vulnerability in a WordPress plug-in that has over 1.7 million downloads. The vulnerability allows potential attackers to take...