Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.
Searchenginejournal.com

Top 15 Ways To Secure A WordPress Site

Hackers and malicious actors are relentless in their attempts to gain access to websites and their sensitive data. The result? We are currently seeing an unprecedented amount of cyber security attacks ...
Searchenginejournal.com

WordPress Security Plugin Exposes +1 Million Websites

The WPS Hide Login WordPress plugin recently patched a vulnerability that exposes users secret login page. The vulnerability allows a malicious hacker to defeat the purpose of the plugin (of hiding ...
Bleeping Computer

WordPress Motors theme flaw mass-exploited to hijack admin accounts

Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site. The malicious ...
Bleeping Computer

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
TechCrunch

WordPress.org bans WP Engine, blocks it from accessing its resources

WordPress drama went up another notch on Wednesday after WordPress.org, the open source web-hosting software, banned hosting provider WP Engine from accessing its resources. In a post on WordPress.org ...