10Web WordPress Photo Gallery Plugin Vulnerability

Web Photo Gallery plugin vulnerability enables attacker to delete image comments. Impacts all plugin versions up to and ...
Bleeping Computer

WordPress.org to require 2FA for plugin developers by October

Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on ...

WordPress Advanced Custom Fields Extended Plugin Vulnerability

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...