A critical-severity vulnerability in the King Addons for Elementor plugin for WordPress has been exploited to take over websites.
The post Critical King Addons Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover
The critical vulnerability allows attackers to read arbitrary emails, including password reset messages.
The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
Year-Old WordPress Plugin Flaws Exploited to Hack Websites
Roughly 9 million exploit attempts were observed this month as mass exploitation of the critical vulnerabilities recommenced.
The post Year-Old WordPress Plugin Flaws Exploited to Hack Websites appeared first on SecurityWeek.
Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations
The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched.
The post Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations appeared first on SecurityWeek.
Hackers Inject Malware Into Gravity Forms WordPress Plugin
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack.
The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover
A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites.
The post Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover appeared first on SecurityWeek.
Motors Theme Vulnerability Exploited to Hack WordPress Websites
Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords.
The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek.
Second OttoKit Vulnerability Exploited to Hack WordPress Sites
Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges.
The post Second OttoKit Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
Vulnerability in OttoKit WordPress Plugin Exploited in the Wild
A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild.
The post Vulnerability in OttoKit WordPress Plugin Exploited in the Wild appeared first on SecurityWeek.
8,000 New WordPress Vulnerabilities Reported in 2024
Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes.
The post 8,000 New WordPress Vulnerabilities Reported in 2024 appeared first on SecurityWeek.