TechRepublic

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk Your email has been sent A vulnerability in a widely used WordPress accessibility plugin could allow ...
Computerworld

Attackers exploit zero-day flaw in WordPress plug-in

WordPress sites with the plug-in Fancybox-for-WordPress should apply a critical security update released Thursday that fixes a vulnerability already exploited by attackers. Researchers from Web ...

Hackers exploiting WordPress membership plugin bug to create admin accounts

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...