Hosted on MSN

Paid WordPress users beware - worrying security flaw puts accounts and info at risk

A high-severity vulnerability has been discovered in a popular premium WordPress plugin, allowing threat actors to access, or exfiltrate, sensitive data without authentication. Security researcher ...
ZDNet

WordPress sites under attack as hacker group tries to create rogue admin accounts

A hacker group is exploiting vulnerabilities in more than ten WordPress plugins to create rogue admin accounts on WordPress sites across the internet. The attacks are an escalation part of a hacking ...
Bleeping Computer

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...
Bleeping Computer

WP Automatic WordPress plugin hit by millions of SQL injection attacks

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term ...
ZDNet

WordPress plugs bug that led to Google indexing some user passwords

A week after releasing its first major update in quite some time, the WordPress team has pushed the first security patch for its brand new WordPress 5.0 branch. Released hours ago, WordPress version 5 ...