Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain ...

Security researchers have warned that over 10,000 websites powered by the WordPress content management system (CMS) are at risk of exploit due to a plugin containing a zero-day flaw. The WP Mobile ...

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. The exploit acquisition platform is now enticing exploit ...

More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild. Active exploits for a recently disclosed bug in a popular WordPress plugin, Social ...

A rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

A vulnerability in WordPress 2.8.3 which allows anyone to lock an admin out of his or her account by resetting the password has been reported. “The bug … is trivial to exploit remotely using nothing ...

A new zero-day exploit affecting the TimThumb utility for WordPress has been found. The flaw is in the WebShot feature, and it allows for certain commands to be executed on the vulnerable website ...

A vulnerability within two widely used WordPress plugins is already being exploited by hackers, putting millions of WordPress sites at risk, according to a computer security firm. The plugins are ...

WordPress and Joomla exploits have existed for years, and cybercriminals have thus been exploiting them for a long time. Yet the situation may have gotten slightly more serious as of late, as there ...

Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites. The plug-in’s developer fixed the flaw ...