WordPress
Popular WordPress plugins vulnerable to XSS
At least 17 WordPress plugins – and likely even more of them – have been found vulnerable to cross-site scripting (XSS) flaws that could allow attackers to inject …
WordPress sites compromised to redirect to Pirate Bay clone, exploit kit
Malwarebytes researchers have spotted another malware delivery campaign that uses compromised WordPress sites to redirect users to a page hosting an exploit kit. The total …
WordPress plugin used by millions sports critical site-hijacking flaw
Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site. A week ago it was …
Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking
Another highly popular WordPress plugin has been found sporting a cross-site request forgery flaw that can be exploited to mount a blind SQL injection attack, and could also …
Huge IT Slider WordPress plugin opens SQL injection hole
The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website …
Over a million WP sites at risk of hijacking due to plugin bug
Users who run their websites on the popular WordPress CMS and are also using the WP-Slimstat web analytics plugin should update as soon as possible, warns Sucuri vulnerability …
Four cyber security risks not to be taken for granted
It’s pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information …
100k+ WP websites compromised by SoakSoak malware
Sucuri Security researchers are warning about a massive compromise of WordPress sites sporting malicious JavaScript leading visitors to malware. The discovery was made on …
Tens of thousands web servers backdoored via pirated CMS themes and plug-ins
Over 23,000 websites set up with the help of Joomla, WordPress and Drupal content management systems have been compromised and used for illegal search engine optimization by …
Millions of WordPress websites in danger due to easily exploitable bug
A new WordPress version has been released, and you better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise …
WordPress most targeted CMS by hackers?
Imperva released the results of its Web Application Attack Report (WAAR), the result of analysis of a subset of 99 applications protected by Imperva’s WAF over a period …
WordPress vulnerability database
Back in 2012, the fine folks behind the BruCON conference announced that from the 2013 edition of their popular event, a special budget will be allocated for supporting …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems