Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a proof-of-concept (PoC) exploit was made public. The vulnerability ...
Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover ...
The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
Hackers are now targeting 1.5 million WordPress websites. To do so, they are reportedly focusing on exploiting the cookie consent plugin. Beautiful Cookie Consent Banner was the Target of Hackers Due ...
Wordfence blocked 17M+ attempts to exploit a Gravity SMTP bug that leaks API keys and system data from WordPress sites without authentication. Attackers are actively exploiting a vulnerability in the ...
A vulnerability within two widely used WordPress plugins is already being exploited by hackers, putting millions of WordPress sites at risk, according to a computer security firm. The plugins are ...
An attacker bought 30+ WordPress plugins (Essential Plugin portfolio) on Flippa for six figures, planted a PHP deserialization backdoor in August 2025, then activated it eight months later to serve ...