Researchers have discovered bad authentication bypass vulnerabilities affecting two WordPress plugins which should be patched as soon as possible.
Tag Archives: Wordpress
WordPress sites hit by malvertising
An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.
Sextortion scammers are hijacking blogs – and victims are paying up
Sextortion scammers have started hijacking poorly managed or defunct blogs to expand an increasingly profitable business.
Hackers are infecting WordPress sites via a defunct plug-in
If you’re a WordPress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now.
WordPress 5.2.3 fixes new clutch of security vulnerabilities
WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements.
Patch early, patch often – and patch everything!
Here’s our latest Naked Security Live video – all about WordPress, plugins and patching.
WordPress sites are being backdoored with rogue admin users
A malvertising campaign has evolved to give hackers control of entire sites.
WordPress plugin sees second serious security bug in six weeks
Researchers have uncovered another serious bug in WP Live Chat that could lead to the mass compromise of websites.
Update now! WordPress hackers target Easy WP SMTP plugin
Two hacking groups have been spotted targeting websites running unpatched versions of the WordPress plugin Easy WP SMTP.
WordPress 5.1.1 patches dangerous XSS vulnerability
Researchers have offered more detail on a recently patched vulnerability that would allow an attacker to take over a WordPress site.