Security News

Backdoored Plugin Impacts 200,000 WordPress Sites
2017-09-14 12:22

Around 200,000 WordPress websites were impacted after a plugin they were using was updated to include malicious code, Wordfence reports. read more

Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin (Threatpost)
2017-08-31 13:30

Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin.

Week in review: WordPress ransomware, NotPetya aftermath (Help Net Security)
2017-08-21 02:00

Here’s an overview of some of last week’s most interesting news and articles: EV ransomware is targeting WordPress sites WordPress security outfit Wordfence has flagged several attempts by...

EV ransomware is targeting WordPress sites (Help Net Security)
2017-08-16 20:17

WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. They dubbed the...

New "WPSetup" Attack Targets Fresh WordPress Installs (Security Week)
2017-07-14 14:15

A new type of attack against WordPress is targeting fresh installations to get admin access and execute PHP code in the victim’s web hosting account, Wordfence reveals. read more

Attackers Using Automated Scans to Takeover WordPress Installs (Threatpost)
2017-07-13 18:24

Attackers have been carrying out WPSetup attacks, taking advantage of users who have installed WordPress but not yet configured it.

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack (The Hackers News)
2017-07-01 02:26

A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, which could be exploited by hackers to steal databases and...

WordPress 4.7.5 Patches Six Vulnerabilities (SecurityWeek)
2017-05-19 11:03

WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program (Threatpost)
2017-05-18 18:17

WordPress fixed six vulnerabilities with version 4.7.5 and announced a bug bounty program with HackerOne this week.

WordPress announces bug bounty program (Help Net Security)
2017-05-17 16:14

WordPress Foundation is the latest organization to publicly announce a bug bounty program set up on the HackerOne platform. What’s in scope of the WordPress bug bounty program? Bounties will be...