Here’s another release of our SEO plugin, Yoast SEO 20.8. We’ve improved our SEO analysis in this release and fixed several issues. In...

The National Vulnerability Database announced that a popular Google Analytics WordPress plugin installed in over 3 million was discovered to contain a Stored Cross-Site...

WordPress is one of the most popular content management systems (CMS) in the world, powering over 40% of all websites on the internet. With...

Is your ecommerce business built around a WordPress website?If your answer is yes, then you may be overwhelmed by the more than 50,000 WordPress website plugins that are currently available. But for most...

Staff at European government organizations have been receiving malicious emails that appear to be coming from email accounts belonging to members of the Ukrainian military.

read more

A high-severity vulnerability in the UpdraftPlus WordPress plugin can allow an attacker to obtain website backups that could contain sensitive information.

read more

Patches have been issued to contain a "severe" security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site's private data using an account on the vulnerable sites. "All versions of UpdraftPlus from March 2019 onwards have contained a vulnerability caused by a missing permissions-level check, allowing untrusted users

Thousands of WordPress websites were impacted by three remote code execution vulnerabilities that were identified in the PHP Everywhere plugin, the Wordfence team at WordPress security company Defiant warns.

read more

We shouldn't need to say, "Check your inputs!" these days, but we're saying it anyway.

Now-patched issue in Essential Addons for Elementor gives attackers a way to carry out local file inclusion attacks, researchers say.

In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer's website were backdoored with malicious code in the first half of September 2021 with the goal of infecting further sites. The backdoor gave the attackers full administrative control over websites that used 40 themes and 53 plugins belonging to AccessPress Themes, a Nepal-based

Researchers from WordPress security company Wordfence found a security vulnerability that affected 3 different WordPress plugins, which has impacted over 84,000 websites and could be abused by a malicious threat actor to take over vulnerabile sites. “This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could […]