A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

A critical vulnerability was discovered in a popular WordPress security plugin with over 4 million installations. The flaw allows attackers to log in as any user, including administrators, and gain ...

Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. Users are strongly ...

The National Vulnerability Database announced that a popular Google Analytics WordPress plugin installed in over 3 million was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability.

Hackers are now targeting 1.5 million WordPress websites. To do so, they are reportedly focusing on exploiting the cookie consent plugin. Beautiful Cookie Consent Banner was the Target of Hackers Due ...

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.

A critical vulnerability in the WordPress plugin SureTriggers has exposed thousands of websites to remote attacks, allowing unauthenticated users to create administrative accounts. SureTriggers ...

Hackers can read arbitrary files with this newly discovered flaw ...

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk Your email has been sent A vulnerability in a widely used WordPress accessibility plugin could allow ...

A vulnerability within two widely used WordPress plugins is already being exploited by hackers, putting millions of WordPress sites at risk, according to a computer security firm. The plugins are ...