Security News

A pair of widely used WordPress plugins need to be patched on more than 320,000 websites to close down vulnerabilities that can be exploited to gain admin control of the web publishing software. The team at WebArx, a security firm specializing in WordPress and other CRM and publishing platforms, took credit for discovering and reporting the flaws in WP Time Capsule and InfiniteWP. Both plugins were patched earlier this month by the developer, and updates should be applied.

One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited.

Attention WordPress users! Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder," or "Ultimate Addons for Elementor" and haven't recently updated them to the...

An update for the popular WordPress plugin Jetpack addresses a critical security flaw that has existed for more than two years.  With over 5 million installations to date, Jetpack provides...

An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.

WordPress 5.2.4, which WordPress developers released this week, patches six vulnerabilities, including cross-site scripting (XSS), unauthorized access, server-side request forgery (SSRF), and...

If you're a Wordpress admin using a plug-in called Rich Reviews, you'll want to uninstall it. Now.

The issue in the Rich Reviews plugin is being actively exploited.

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover.

WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements.