WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

WordPress powers about 43% of all websites worldwide. This makes it an indispensable platform for organizations of all sizes. Unfortunately, that popularity also makes WordPress a prime target for ...

WordPress released a security update to fix sixteen vulnerabilities, recommending that sites be updated immediately. The security notice did not offer a description of the severity of the ...

WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin. The campaign has been ...

Older versions of Post SMTP allowed hackers to read all emails They could also reset the admin password and read the notification email, gaining access to the account More than 160,000 WordPress sites ...

Cybersecurity researchers have found a critical vulnerability affecting millions of WordPress websites which could grant attackers full control over the vulnerable website. Security professionals from ...

King Addons plugin had two critical flaws enabling full WordPress site takeover Bugs allowed unauthenticated file uploads and privilege escalation via registration endpoint Users must update to ...

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially ...

The recent travails of WordPress have caused consternation among the web community that relies on the platform, which powers more than four in ten websites online today. Now, a coalition of prominent ...

Even though in the past, many consultants (including myself) used to recommend Jetpack for WordPress, there is a very ...