ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
ZDNet

WordPress plugin vulnerability can be exploited for total website takeover

A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...
Searchenginejournal.com

WordPress Easy WP SMTP Plugin Vulnerability

Popular WordPress plugin Easy WP SMTP plugin, with over 500,000 active installations, just patched a vulnerability that allows an attacker to take control of a site. The flaw in the WordPress plugin ...
Bleeping Computer

Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites

A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. It impacts only premium ...
TechRadar

This WordPress vulnerability could let hackers hijack your entire site

A WordPress plugin has been discovered to contain “easily exploitable” security issues that could be leveraged by an attacker to gain complete control over vulnerable websites. The plugin is called WP ...
Bleeping Computer

WordPress Elementor plugin bug let attackers hijack accounts on 1M sites

One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege escalation that could allow remote attacks to gain ...
IT World Canada

The endless story of WordPress plugins security issues

There are numerous benefits of leveraging the WordPress content management system (CMS) to create a website. It’s open-source, flexible, and amazingly easy to set up. The key advantage is that the ...