Researchers are urging users of the GDPR Cookie Consent WordPress plugin to update as soon as possible.
Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack.
One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited.
Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover.
Researchers warn users of several plugins to update as vulnerabilities are being actively exploited to redirect website visitor traffic.
An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages.
A cross-site scripting vulnerability in WordPress plugin WP Statistics could have enabled full website takeover.
New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites.
After researchers were able to bypass a file upload validation flaw patch in WP Live Chat, a new patch has been issued.
More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild.