Tag: WordPress Plugin
WooCommerce Payments Plug-in on WordPress is Under Exploitation
A bug in WooCommerce's Payments plug-in is widely being exploited in the wild, despite a patch being available months ago, warns security researchers of...
Bug in ‘Ultimate Member’ Plugin Affect 200,000 WordPress Sites
Wordfence researchers note a zero-day bug in the Ultimate Member plug-in that affects 200,000 WordPress websites installed.
Though the concerned developers made a patch update...
Critical Bug in Jetpack Plug-in Affects 5 Million Sites, Patch Now
Automattic, the maker of the Jetpack plug-in for WordPress sites, is force-updating the plug-in to address a critical bug - affecting over 5 million...
Hackers Are Exploiting a Popular Gift Card Plugin in WordPress
Hackers are exploiting a well-known gift card plugin in WordPress - YITH WooCommerce Gift Cards Premium, that would let them perform various scams through...
Hackers Are Targeting an Abandoned WordPress Plugin to Exploit
Researchers at Defiant noted a sudden surge in attacks against Kaswara Modern WPBakery Page Builder - an abandoned WordPress plugin with millions of installs.
Attackers...
WordPress PHP Everywhere Plugin Puts Thousands of Sites at Risk
Researchers at Wordfence have found critical vulnerabilities in a popular WordPress plugin called PHP Everywhere, affecting thousands of websites.
The remote code execution bug in...
Hackers Tried Hijacking Over 1.6 Million WordPress Sites
Wordfence analysts have detailed a campaign where over 1.6 million WordPress sites are being targeted. Threat actors here are taking over sites by compromising...
Facebook For WordPress Plugin Vulnerabilities Lead to Site Takeover, Patch Available
The Wordfence team has discovered two critical vulnerabilities in Facebook for the WordPress plugin, which, if exploited, can lead an attacker to inject malicious...
Easy WP SMTP WordPress Plugin Vulnerability Let Hackers Takeover Admin Accounts
A popular WordPress plugin has a zero-day vulnerability, which is reportedly being exploited by hackers to take over admin accounts. Easy WP SMTP, installed...
Ultimate Member WordPress Plugin Bugs Let Hackers Have Admin Privileges
The Wordfence's Threat Intelligence team has reported three critical vulnerabilities in a WordPress plugin that puts almost 100,000 sites at risk.
Named as Ultimate Member,...