A popular WordPress plugin has a worrying flaw

Here's how to stay safe ...

ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...

Hackers exploit WordPress plugin security flaw exposing 40,000 websites to complete ...

In its write-up, Patchstack said the flaw is already being exploited in the wild, and that first attacks were detected on ...
The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.

10Web WordPress Photo Gallery Plugin Vulnerability

Web Photo Gallery plugin vulnerability enables attacker to delete image comments. Impacts all plugin versions up to and ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
TechCrunch

WordPress Playground lets you run WordPress entirely in your browser

If you don’t keep up with WordPress ecosystem news, you might not be aware of a cool new project called WordPress Playground. And I include myself in this group, as I had never heard of WordPress ...