Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. Up to 50,000...
The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact...
Patchstack, a leader in WordPress security and threat intelligence, has released a whitepaper to present the state of WordPress security in 2021, and the report paints a...
WordPress has taken the rare step of force-updating the UpdraftPlus plugin on all sites to fix a high-severity vulnerability allowing website subscribers to download the latest database...
A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites. In total, threat actors compromised...
Two critical and high severity security vulnerabilities in the highly popular “All in One” SEO WordPress plugin exposed over 3 million websites to takeover attacks. The...
Wordfence analysts report having detected a massive wave of attacks in the last couple of days, originating from 16,000 IPs and targeting over 1.6 million WordPress sites. The...
The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. Tracked as...
Threat actors are scanning for sites running the Fancy Product Designer plugin to exploit a zero-day bug allowing them to upload malware. Fancy Product Designer is a...
Recent Comments