Lifehacker

Update This WordPress Plugin to Prevent a Site Takeover

Security researchers discovered a severe vulnerability present in older versions of the popular WordPress plugin Code Snippets that could allow attackers to take over a person’s website remotely. The ...
Threat Post

200K WordPress Sites Vulnerable to Plugin Flaw

Developers behind WordPress plugin Code Snippets have issued a patch for the high-severity flaw. A high-severity vulnerability exists in a popular WordPress plugin, potentially opening up 200,000 ...

Another major WordPress add-on security flaw could affect 10,000 sites - find out if you're affected

King Addons for Elementor, a commercial WordPress plugin that extends the Elementor page builder with extra website builder ...
Bleeping Computer

Hackers abuse WordPress MU-Plugins to hide malicious code

Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection. The technique was first observed by security ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...