Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin
Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an …
Plugins
AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover
The WordPress content management system (CMS) is offering admins more headaches this week, thanks to a pair of disparate but concerning …
Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes
In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer’s website were …
20K WordPress Sites Exposed by Insecure Plugin REST-API
The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to …
5 Steps to Serverless Security With the AWS Lambda Plugin
For the DevOps-averse developer, lambdas are heaven. They can focus on writing self-contained and modularized pieces of code, deploying …
High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be …
Three Plugins with Same Bug Put 84K WordPress Sites at Risk
Researchers have discovered three WordPress plug-ins with the same vulnerability that allows an attacker to update arbitrary site options …
All in One SEO Plugin Bug Threatens 3M Websites with Takeovers
A popular WordPress SEO-optimization plugin, called All in One SEO, has a pair of security vulnerabilities that, when combined into an …
80K Retail WooCommerce Sites Exposed by Plugin XSS Bug
The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to …
WordPress Malware Removal Plugin
In this day and age, you need to take your website security seriously. While WordPress is a generally secure and safe content management …
WordPress Plugin Bug Lets Subscribers Wipe Sites
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable site, deleting nearly …
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained together to allow attackers to completely take over a …
Falco Plugins Bring New Data Sources to Real-Time Security
Cloud security company Sysdig has announced the addition of plugins to Falco, the Cloud Native Computing Foundation (CNCF) runtime security …
New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin
A recently discovered wave of malware attacks has been spotted using a variety of tactics to enslave susceptible machines with …