Infosecurity-magazine.com

WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack

A critical vulnerability in the Jupiter X Core WordPress plugin, used on over 90,000 websites, has been identified by security researchers. The flaw, discovered on January 6, allows attackers with ...
Infosecurity-magazine.com

Major WordPress Plugin Flaw Exploited in Under 4 Hours

A critical vulnerability in the WordPress plugin SureTriggers has exposed thousands of websites to remote attacks, allowing unauthenticated users to create administrative accounts. SureTriggers ...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.
TechRadar

WordPress plugin with over a million installs may have a worrying security flaw - here's what we know

W3 Total Cache plugin flaw CVE-2025-9501 enables unauthenticated PHP command injection Affects all versions before 2.8.13; ~327,000+ sites remain at risk WPScan PoC exploit set for Nov 24, raising ...
Bleeping Computer

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw leveraged in the ...
TechRadar

WordPress users beware - this popular plugin has been hijacked to push potential malware

The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for a few hours The variant harvested extensive information and allowed for RCE The malware affected only ...