Zero-day in WordPress SMTP plugin abused to reset admin account passwords
Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000...
Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000...
Image: ZDNet, WordPress A new cybercrime gang has been seen taking over vulnerable WordPress sites to install hidden e-commerce stores with the purpose of...
Critical privilege escalation vulnerabilities have been patched in the popular WordPress plugin Ultimate Member. Accounting for over 100,000 active installations on websites that use...
A highly sophisticated botnet is believed to have infected hundreds of thousands of websites by attacking their underlying content management system (CMS) platforms. Named KashmirBlack,...
The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for...
Millions of WordPress sites have been probed and attacked this week, Defiant, the company behind the Wordfence web firewall said on Friday. The sudden...
The highly popular WordPress plugin File Manager this week received a patch to address an actively exploited zero-day vulnerability. Designed to provide WordPress site...
The developers of the WordPress File Manager plugin have patched an actively-exploited security issue permitting full website hijacking. According to the Sucuri WordPress...
The owners and administrators of e-commerce websites powered by WordPress and the WooCommerce platform have been warned of attacks exploiting vulnerabilities discovered recently by...
A reflected cross-site scripting (XSS) vulnerability impacting 100,000 websites has been patched in the KingComposer WordPress plugin. KingComposer is a drag-and-drop page builder for...