The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...
Searchenginejournal.com

Data Confirms A Surge In WordPress Vulnerabilities

WordPress security researchers at Patchstack published their annual State of WordPress Security whitepaper that showed an increase of high and critical severity vulnerabilities, highlighting the ...

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.

Hackers exploit WordPress plugin security flaw exposing 40,000 websites

Patchstack found critical Modular DS flaw (CVE-2026-23550) allowing admin bypass Vulnerability scored 10/10 and is already ...
Threat Post

WordPress Bugs Exploded in 2021, Most Exploitable

Record-number WordPress plugin vulnerabilities are wicked exploitable even with low CVSS scores, leaving security teams blind to their risk. Last year brought forth much more than a Ben ...
PC World

Recent WordPress vulnerability used to deface 1.5 million pages

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven’t yet applied a recent patch for a critical vulnerability. The vulnerability, located in the platform’s REST API, ...
Dark Reading

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Dark Reading

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

Attackers are actively exploiting a critical vulnerability in BackupBuddy, a WordPress plug-in that an estimated 140,000 websites are using to back up their installations. The vulnerability allows ...
TechSpot

WordPress plugin vulnerabilities more than doubled in 2021

What just happened? Third-party WordPress plugin vulnerabilities increased significantly in 2021, and many of them still have known public exploits. Cybersecurity firm Risk Based Security said 10,359 ...
Forbes

Security Vulnerabilities In WordPress Workflows For Enterprises (With Practical Solutions)

As a platform renowned for its flexibility and accessibility, WordPress has become an instrumental tool for many enterprises worldwide. Its user-friendly design, customizable features and vast plugin ...
PC World

Attackers exploit vulnerabilities in two WordPress plugins

A vulnerability within two widely used WordPress plugins is already being exploited by hackers, putting millions of WordPress sites at risk, according to a computer security firm. The plugins are ...