A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline. The vulnerability, ...

A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...

An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials. Attackers were spotted targeting ...

The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting ...

Researcher Ryan Dewhurst released the WPScan Vulnerability Database, a database housing security vulnerabilities in WordPress core code, plug-ins and themes. It’s available for pen-testers, WordPress ...

Security researcher Jason A. Donenfeld has revealed a security hole in a popular WordPress plugin that could be used to obtain sensitive data from an affected site. The flaw was discovered in W3 Total ...

WPScan and the United States Government National Vulnerability Database published a notice of a vulnerability discovered in the HubSpot WordPress plugin. The vulnerability exposes users of the plugin ...

The United States National Vulnerability Database (NVD) announced that the Thirsty Affiliate Link Manager WordPress plugin has two vulnerabilities that can allow a hacker to inject links. Additionally ...

More than 60 million people and businesses use WordPress to run their websites or blogs, according to founder Matt Mullenweg. WordPress is a free, open-source blogging platform and content-management ...