Critical bugs found in the WordPress Database Reset plugin used by over 80,000 sites allow attackers to drop all users and get automatically elevated to an administrator role and to reset any table in ...
A vulnerability in the popular Ultimate Member WordPress plugin enables account takeover by exposing password reset links.
Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
After noticing some suspicious commits to popular WordPress plugins today in the main WordPress.org repository, passwords are being reset for all users of WordPress.org, bbPress.org and BuddyPress.org ...
A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...
It is estimated that there are over 50,000 WordPress plugins and more than 1.25 billion total plugin downloads. However, not all plugins are created equal. Security researchers recently discovered ...
More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the Essential Plugin portfolio. A web developer discovered dozens of malicious ...
Security researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker. The problem lies with versions 1.3.4 ...
Two vulnerabilities impacting the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites, could help attackers take complete control of a site authentication. Last month, ...