Threat Post

Newsletter WordPress Plugin Opens Door to Site Takeover

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites. Newsletter, a WordPress plugin with more than 300,000 installations, has a pair ...
Bleeping Computer

Newsletter plugin bugs let hackers inject backdoors on 300K sites

Owners of WordPress sites who use the Newsletter plugin are advised to update their installations to block attacks that could use a fixed vulnerability allowing hackers to inject backdoors, create ...
GMA Network

Newsletter plugin vulnerability puts WordPress sites at risk

Bloggers using the WordPress platform may have to upgrade their sites soon lest they fall prey to a vulnerability in the popular MailPoet newsletter plugin. Security vendor Sucuri said the MailPoet ...

More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...
TechRadar

Another top WordPress plugin hacked to allow account takeover - stay safe with these tips

Experts find a way to trick Forminator into deleting a core WordPress file This process would trigger the site's setup, where hackers can take it over A patch is available, and users are advised to ...