Bleeping Computer

Security plugin flaw in millions of WordPress sites gives admin access

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

A popular WordPress plugin has a worrying flaw

Here's how to stay safe ...
Search Engine Land

Microsoft releases IndexNow plugin for WordPress

Microsoft Bing has published a new WordPress plugin that makes it easy to integrate your WordPress blog and site with the IndexNow protocol. The plugin was released over the holidays and is available ...
Threat Post

WordPress Plugin Bug in Popup Builder Threatens 100K Websites

The high-severity flaw allows malicious code injection into website pop-up windows. Two vulnerabilities – including a high-severity flaw – have been patched in a popular WordPress plugin called Popup ...

10Web WordPress Photo Gallery Plugin Vulnerability

Web Photo Gallery plugin vulnerability enables attacker to delete image comments. Impacts all plugin versions up to and ...