Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being ...

Security researcher “vullu164” recently told Wordfence they found a vulnerability in WPForms versions 1.8.4 - 1.9.2, both ...

Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository.

The flaw allows crooks to install other plugins from the WP repository, including those with known RCE flaws ...

Attackers exploit Hunk Companion vulnerability (CVE-2024-11972) to install flawed plugins, enabling RCE attacks on 10,000+ ...

Two vulnerabilities in the Hunk Companion and WP Query Console WordPress plugins allow attackers to backdoor websites.

The vendor coordinated with WordPress.org to perform force security updates on users of the plugin, but website administrators still need to check and ensure they're running the latest version (9. ...

The Broken Link Checker is a plugin that checks for broken links but is not commonly used in this sample of sites. Google ...

Wordfence, a cybersecurity company that specializes in making WordPress security products, has found a critical vulnerability in a plugin used by over 4 million internet websites. The company says ...

WP Engine won a preliminary injunction against WordPress, restoring access to WordPress.org after a heated trademark dispute.

Over 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access. A critical-severity vulnerability in the Really Simple ...