wordpress
61 articles with this tag
CRITICAL
INFO
HIGH
LOW
HIGH
CRITICAL
CRITICAL
CRITICAL
LOW
CRITICAL
HIGH
HIGH
INFO
MEDIUM
HIGH
HIGH
CRITICAL
CRITICAL
LOW
MEDIUM
INFO
CRITICAL
MEDIUM
CRITICAL
CRITICAL
MEDIUM
MEDIUM
INFO
INFO
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
INFO
HIGH
INFO
INFO
MEDIUM
CRITICAL
CRITICAL
MEDIUM
CRITICAL
CRITICAL
CRITICAL
HIGH
CRITICAL
CRITICAL
INFO
HIGH
MEDIUM
MEDIUM
INFO
INFO
MEDIUM
HIGH
MEDIUM
[webapps] cPanel - CRLF Injection
$20 per zero-day is already the WordPress plugin reality
[NEU] [mittel] WP Royal Royal Elementor Addons: Schwachstelle ermöglicht Cross-Site Scripting
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 11, 2026 to May 17, 2026)
How a Webmail Log File Became a Root-Level Backdoor
WordPress Funnel Builder vulnerability exploited to steal payment data
Funnel Builder WordPress plugin bug exploited to steal credit cards
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 4, 2026 to May 10, 2026)
200,000 WordPress Sites at Risk from Critical Authentication Bypass Vulnerability in Burst Statistics Plugin
Avada Builder Flaws Expose One Million WordPress Sites
1,000,000 WordPress Sites Affected by Arbitrary File Read and SQL Injection Vulnerabilities in Avada Builder WordPress Plugin
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)
Arbitrary code pushed by long concealed backdoor in widely used WordPress redirect add-on
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)
Popular WordPress redirect plugin hid dormant backdoor for years
Critical vulnerability in WordPress Breeze Cache plugin exploited
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 13, 2026 to April 19, 2026)
[webapps] WordPress Plugin 5.2.0 - Broken Access Control
The Increasing Role of AI in Vulnerability Research
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)
Critical Vulnerability in Ninja Forms Exposes WordPress Sites
Hackers exploit critical flaw in Ninja Forms WordPress plugin
[NEU] [mittel] WP Royal Royal Elementor Addons: Schwachstelle ermöglicht Cross-Site Scripting
[webapps] WordPress Madara - Local File Inclusion
Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative
Wordfence Bug Bounty Program Monthly Report – February 2026
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 16, 2026 to March 22, 2026)
800,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Smart Slider 3 WordPress Plugin
ClickFix treibt neue Infostealer-Kampagnen an
Hacked sites deliver Vidar infostealer to Windows users
Multiples vulnérabilités dans WordPress (11 mars 2026)
Compromised WordPress Sites Deliver ClickFix Attacks in Global Infostealer Campaign
30,000 WordPress Sites Affected by Authentication Bypass Vulnerability in Tutor LMS Pro WordPress Plugin
WordPress membership plugin bug exploited to create admin accounts
[webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 16, 2026 to February 22, 2026)
Metasploit Wrap-Up 02/20/2026
Wordfence Bug Bounty Program Monthly Report – January 2026
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 9, 2026 to February 15, 2026)
GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
Critical WordPress Backup Plugin Flaw Leaves 800,000 Sites Exposed to Remote Code Execution
CVE-2026-1357 (CVSS 9.8) Hits WordPress Plugin With 900K Installs
Nearly a million WordPress websites could be at risk from this serious plugin security flaw
CVE-2026-1357 Security Vulnerability Analysis & Exploit Details
Rapid7
Critical vulnerability in WPvivid backup plugin allows remote code execution
WordPress Security Bulletin: Migration, Backup, Staging 6 WPvivid Backup & Migration Plugin Vulnerability (CVE-2026-1357) | Freshy
CVE-2026-1357 — Phpseclib +1 | dbugs
WordPress plugin with 900k installs vulnerable to critical RCE flaw
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 2, 2026 to February 8, 2026)
800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin
Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)
Important Notice: Preserving Free Access While Evolving the Wordfence Intelligence Vulnerability API
Quarterly WordPress Threat Intelligence Report – Q4 2025
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026)
SQL Injection Flaw Affects 40,000 WordPress Sites
CVE-2025-6461: The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information ...