March 16, 2025 A significant security vulnerability has been identified in the UpdraftPlus plugin, a widely used backup solution for WordPress websites. This flaw potentially allows unauthorized users to access sensitive backup files, posing substantial risks to affected more...
June 2, 2023 WordPress has addressed a critical flaw discovered in the Jetpack plugin, which had the potential to enable authors to manipulate files within the WordPress installation. The vulnerability came to light during an internal security audit more...
May 8, 2023 Following the discovery of CVE-2023-30777, a security flaw characterized by reflected cross-site scripting (XSS), users of the Advanced Custom Fields plugin for WordPress are advised to update to version 6.1.6. Malicious actors might use this more...
May 3, 2023 WordPress has discontinued its Twitter integrations due to Twitter's new, pricey API membership plans, introduced earlier this year by Elon Musk. Developers who wish to create Twitter-based apps or integrations must now pay at least more...
January 11, 2022 WordPress has released version 5.8.3 security update that fixes four vulnerabilities: CVE-2022-21661, CVE-2022-21662, CVE-2022-21663, and CVE-2022-21664. CVE-2022-21661 is a SQL injection via WP _ Query. The vulnerability is a high severity flaw with an 8.0 more...
December 9, 2021 Cybercriminals are now injecting credit card swipers on random plugins from e-commerce WordPress sites to carry out credit card theft. The process begins with hacking into WordPress sites, while also injecting a backdoor into the more...
November 17, 2021 Cybersecurity firm Sucuri revealed that nearly 300 WordPress sites were hacked last week with a fake encryption message to entice site owners to pay a fee of 0.1 Bitcoin (~$6,069.23) for restoring their website. In more...
