The Hacker News

Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks

Active exploits target Sneeit plugin CVE-2025-6389 and ICTBroadcast CVE-2025-2611, enabling RCE, backdoors, and Frost DDoS ...

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for ...
SecurityWeek

Critical King Addons Vulnerability Exploited to Hack WordPress Sites

Threat actors have been exploiting a critical King Addons for Elementor vulnerability to hack WordPress websites.

UK gov blames budget leak on misconfigured WordPress plugin, server

WordPress is the world's most popular content management system, but not so much with the UK government. The country's Office ...