A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Smart Slider 3 plugin update compromised with backdoors Malicious version 3.5.1.35 pushed to ...

Do you host your own WordPress website? Do you use the popular All in One SEO Pack plugin? If so, you need to update the plugin as soon as possible to the latest version. The All in One SEO Pack ...

WordPress security plugin discovered to have two vulnerabilities that could allow a malicious upload, cross-site scripting and allow viewing of contents of arbitrary files. All-In-One Security (AIOS) ...

A severe vulnerability in the widely used Forminator WordPress plugin has been disclosed, exposing websites to the risk of arbitrary file deletion and potential site takeover. The flaw, which affects ...

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that ...

Ally WordPress plugin carried SQL injection flaw (CVE-2026-2413) Vulnerability left ~246,600 sites exposed to data theft Fixed in version 4.1.0; WordPress urges immediate updates A popular WordPress ...

Threat actors may abuse Notepad++ plugins to circumvent security mechanisms and achieve persistence on their victim machine, new research from security company Cybereason suggests. “Using an ...

WordPress is one of the most widely-used Content Management Systems on the planet. With over 43% of websites using the platform, it’s no surprise that it has a target on its back. That not only means ...