Updates have been released for UpdraftPlus, a WordPress plugin with over 3 million installations, after a vulnerability was discovered by Jetpack security researcher Marc Montpas. Montpas said the ...

Security researcher at Automattic discovered a vulnerability affecting popular WordPress backup plugin, UpdraftPlus. The vulnerability allowed hackers to download user names and hashed passwords.

Millions of WordPress sites have received a forced patch over the past few days, Ars Technica has reported. The reason is a vulnerability in UpdraftPlus, a popular plugin that allows users to create ...

WordPress has taken the rare step of force-updating the UpdraftPlus plugin on all sites to fix a high-severity vulnerability allowing website subscribers to download the latest database backups, which ...

The vulnerability affects the popular Updraft Plus WordPress plugin, installed in over 3 million websites. Updraft Plus comes in a free and paid version that allows users to upload backups to a user’s ...

An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders. The WordPress plug-in “UpdraftPlus” was patched on Wednesday to correct a vulnerability that left ...

Over 6,700 WordPress websites fell victim to a sophisticated cyber campaign deploying the notorious Balada Injector malware. Initially brought to light by Dr. Web researchers, this concerted attack ...

Malicious plugins that hide in plain sight and act as backdoors are used by attackers to gain and maintain a foothold on WordPress websites, and to upload web shells and scripts for brute-forcing ...

Millions of WordPress sites have received a forced update over the past day to fix a critical vulnerability in a plugin called UpdraftPlus. The mandatory patch came at the request of UpdraftPlus ...