Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

Three popular plugins served malicious JavaScript through a compromised CDN.

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...

WP Fastest Cache, a WordPress plugin currently in use by over 1 million users that assists in more efficiently delivering their websites, is addressing a security issue with its 1.2.2 release. This ...

A high-severity vulnerability was discovered and patched in the All-in-One WP Migration and Backup plugin, which has over five million installations. The vulnerability requires no user authentication, ...

In a nutshell: Many WordPress plugins are designed to enhance the content management system's ability to quickly and easily share content from almost anywhere on the internet. But one popular ...

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term ...

A vulnerability advisory was issued for a WordPress plugin that saves contact form submissions. The flaw enables unauthenticated attackers to delete files, launch a denial of service attack, or ...