The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...

WordPress users who have installed the WooCommerce Stripe Gateway Plugin are being urged to update to at least version 7.4.1 following the news of a major vulnerability potentially exposing users’ PII ...

A recent security audit of the Slider Revolution plugin has uncovered two significant vulnerabilities that could compromise the security of WordPress websites. Slider Revolution, a widely used premium ...

WordPress security company Patchstack published an advisory about a serious vulnerability in Gravity Forms caused by a supply chain attack. Gravity Forms responded immediately and released an update ...

Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. Users are strongly ...

A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. According to Wordfence researchers, the malware ...

WordPress powers about 43% of all websites worldwide. This makes it an indispensable platform for organizations of all sizes. Unfortunately, that popularity also makes WordPress a prime target for ...

Even though in the past, many consultants (including myself) used to recommend Jetpack for WordPress, there is a very ...

If you don’t keep up with WordPress ecosystem news, you might not be aware of a cool new project called WordPress Playground. And I include myself in this group, as I had never heard of WordPress ...

You put so much work into making your WordPress website, it’d be a shame if one little thing could be its entire undoing. If your website takes longer to load than it took you to read this paragraph, ...