Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...

WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin. The campaign has been ...

Hackers exploit a critical WordPress plugin flaw that allows creation of administrator accounts without authentication.

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

WordPress security should be a concern for every WordPress user. Here are 7 security plugins that Wordpress users have rated the highest. WordPress security has become a topic of huge importance for ...

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

WordPress announced a proposal to take a more proactive approach toward third party plugins in order to improve security and site performance. What is being discussed is a plugin checker that will ...

It's an interesting paradox. WordPress powers 35 percent of all websites on the Internet, in part because it's so flexible and modular. It has a robust library of more than 50,000 plugins, each adding ...

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.