Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...

WordPress plugins with critical vulnerabilities, some already under attack

Security vulnerabilities with critical risk ratings are present in widespread WordPress plugins. One is already being attacked.
Searchenginejournal.com

WordPress Ninja Forms Vulnerability Exposes Over a Million Sites

Today it was disclosed that the popular WordPress contact form called Ninja Forms patched two vulnerabilities, affecting over 1 million WordPress installations. This represents another in a growing ...

NotificationX WordPress WooCommerce Plugin Vulnerabilities Impact 40k Sites

An advisory was issued for a WordPress plugin vulnerability that can enable unauthenticated attackers to inject malicious ...
Threat Post

WooCommerce Falls to Fresh Card-Skimmer Malware

The payment-card stealer differs from typical malware targeting WordPress-based e-commerce environments. Credit-card-stealing criminals have set their sights on the WordPress plugin known as ...