Security researchers have discovered critical yet easily exploitable vulnerabilities in a popular WordPress plugin that can be abused to upload arbitrary files to affected websites. In their breakdown ...

The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for a few hours The variant harvested extensive information and allowed for RCE The malware affected only ...

The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers. Researchers are urging WordPress site owners to delete a ...

The privilege-escalation vulnerability would allow an attacker to inject malware, place ads and load custom code on an impacted website. Another day, another critical WordPress plugin vulnerability.

A new variant of the infamous ClearFake (AKA ClickFix) malware has been detected in the wild, and has already managed to compromise thousands of WordPress websites. Researchers from GoDaddy claim to ...

The Ultimate Member WordPress plugin enables publishers to create online communities on their websites. The plugin works by creating a frictionless process for user sign-ups and creation of user ...

WordPress used to be an ordinary content management system, which was used by small-sized blogs and websites only. But it expanded into a multi-user platform, and all types of sites are now developed ...

The WordPress WP HTML Mail plugin, installed in over 20,000 sites, is vulnerable to a high-severity flaw that can lead to code injection and the distribution of convincing phishing emails. 'WP HTML ...

WordPress security should be a concern for every WordPress user. Here are 7 security plugins that Wordpress users have rated the highest. WordPress security has become a topic of huge importance for ...