#wordpress-security
#wordpress-security

[ follow ]

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A critical vulnerability in the Ally WordPress plugin allows unauthenticated attackers to extract sensitive database data including password hashes from hundreds of thousands of affected websites.

Information security

fromTheregister

1 month ago

Crooks compromise WordPress sites, spread infostealers

Attackers compromised legitimate WordPress sites including a US Senate candidate's website to distribute infostealer malware through fake Cloudflare CAPTCHA pages that trick users into running malicious commands.

Information security

fromThe Cyber Express

3 months ago

All In One SEO Vulnerability Exposes AI Token On WordPress

A missing permission check in All In One SEO's REST API allowed Contributor-level users to retrieve a site's global AI access token.

Privacy professionals

fromThe Hacker News

1 year ago

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

A significant phishing campaign is targeting WooCommerce users with fake alerts, prompting them to download malware disguised as security patches.

[ Load more ]

#wordpress-security#wordpress-security

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

Crooks compromise WordPress sites, spread infostealers

All In One SEO Vulnerability Exposes AI Token On WordPress

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

#wordpress-security
#wordpress-security