A security flaw in the Gravity SMTP WordPress plugin has drawn more than 17 million automated exploit attempts since early May 2026 — and every site that ran an unpatched version while those attacks ...
A security vulnerability in the WordPress plugin Burst Statistics allows attackers to impersonate an admin. This enables complete takeover of a site. An updated plugin has been available since mid-May ...
A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. A vulnerability in a widely used WordPress ...
Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. Developed by WPEverest, the plugin provides ...
A new threat in is the wild affecting sites that run WordPress, a popular content management system. Wordfence, a company that focuses on security research in the WordPress ecosystem, is reporting ...
WordPress users warned as millions of attacks reported. Updated October 29 with a correction to the WordPress attack statistics: the correct number is 1.6 million attacks in 48 hours. WordPress ...
More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws discovered in the HT Contact Form Widget for Elementor Page Builder & Gutenberg ...
A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. According to Wordfence researchers, the malware ...
A critical vulnerability in the Jupiter X Core WordPress plugin, used on over 90,000 websites, has been identified by security researchers. The flaw, discovered on January 6, allows attackers with ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results