TechRadar

Another top WordPress plugin hacked to allow account takeover - stay safe with these tips

Experts find a way to trick Forminator into deleting a core WordPress file This process would trigger the site's setup, where hackers can take it over A patch is available, and users are advised to ...
ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...

WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data ...
Infosecurity-magazine.com

PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites

A critical vulnerability in the PayU CommercePro plugin has put thousands of WordPress sites at risk by allowing unauthenticated attackers to hijack user accounts, according to PatchStack. The flaw, ...