Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. The exploit acquisition platform is now enticing exploit ...

Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes – but attackers are targeting those who haven’t yet applied security updates. Attackers are actively ...

Attackers are actively exploiting a critical vulnerability in BackupBuddy, a WordPress plug-in that an estimated 140,000 websites are using to back up their installations. The vulnerability allows ...

Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites. The plug-in’s developer fixed the flaw ...

Four severe vulnerabilities have been identified in a single WordPress plugin used by more than one million websites. The bugs were discovered affecting the Ninja Forms plugin, a drag-and-drop form ...

WordPress sites are increasingly being infected with malware from pirated themes and plugins, as per a new report on WordPress security. Security firm Wordfence published a report on threats and ...

Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator ...

An older version of LiteSpeed Cache, a popular plugin for the WordPress website builder, is vulnerable to a high-severity flaw that hackers have been increasingly exploiting. The flaw is described as ...

New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on an analysis of 138 different exploited vulnerabilities ...

Record-number WordPress plugin vulnerabilities are wicked exploitable even with low CVSS scores, leaving security teams blind to their risk. Last year brought forth much more than a Ben ...