Bleeping Computer

Security plugin flaw in millions of WordPress sites gives admin access

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...
HotHardware

Serious WordPress Plugin Security Flaw Discovered Affects Millions Of Websites

Wordfence, a cybersecurity company that specializes in making WordPress security products, has found a critical vulnerability in a plugin used by over 4 million internet websites. The company says ...
Hosted on MSN

The plugin era is over: How they break your site & up your security risks

According to WPZOOM, there are over 70,000 plugins for WordPress. Seventy. Thousand. Plugins were supposed to make building and maintaining websites easier. And while they might well do that, they ...
Searchenginejournal.com

WordPress Security Plugin Vulnerability Endangers 4 Million+ Sites

A critical vulnerability was discovered in a popular WordPress security plugin with over 4 million installations. The flaw allows attackers to log in as any user, including administrators, and gain ...

ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...
Infosecurity Magazine

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

A security flaw in the RealHomes CRM plugin, bundled with a WordPress theme installed on more than 30,000 websites, has been ...
Searchenginejournal.com

WordPress Just Locked Down Security For All Plugins & Themes

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...