Security News
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean...
Malicious actors have been hacking WordPress websites by exploiting vulnerabilities in a fairly popular plugin called WP Cost Estimation & Payment Forms Builder. read more
Users of the popular plugin, Simple Social Buttons, are encouraged to update to version 2.0.22.
A spam injector hides in plain site within WordPress theme files.
The commercial Total Donations plugin for WordPress is impacted by multiple zero-day vulnerabilities that are being actively exploited in attacks, Wordfence security researchers report. read more
The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers.
The website for a popular WordPress plugin was hacked over the weekend, when a former employee abused a previously implemented backdoor to take over the domain. read more
In an effort to improve the security of websites, WordPress will display a warning starting in April 2019 when encountering outdated PHP versions. In December last year, the free and open-source...
Despite fewer plugins being added to Wordpress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018.
WordPress vulnerabilities tripled over the past year, more than any other CMS, according to an Imperva report.