WPvivid Backup & Migration plugin allows for arbitrary file upload which can lead to remote code execution.

A major update to Yoast SEO fixes a bug that affected the rankings of certain websites. The founder of Yoast, Joost de Valk, personally offered an apology to victims ...

WordPress site owners who use commercial themes provided by ThemeGrill are advised to update one of the plugins that come installed with these themes to patch a critical bug that can let attackers ...

Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs. Two vulnerabilities (one critical) in a WordPress ...

A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites. The plugin in question, known as ...

One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited. Security researchers are warning users of two WordPress plugins – ...

A new, dangerous vulnerability in a popular WordPress plugin was recently discovered. Cybersecurity researchers from Wordfence uncovered a flaw in the Elementor plugin that allowed any authenticated ...

A bug recently found in a popular WordPress plugin could have put thousands of sites at risk of running malicious web scripts against unsuspecting visitors. The vulnerability, discovered by the ...

A high severity bug found in Facebook's official chat plugin for WordPress websites with over 80,000 active installations could allow attackers to intercept messages sent by visitors to the vulnerable ...

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...