More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.

More than 30 popular WordPress plugins were removed after investigators found backdoors inserted by a new owner following a business sale. The malicious code remained dormant for months before being ...

A malicious actor found a struggling WordPress plugin company, bought it, and introduced malware to each product.

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

It's an interesting paradox. WordPress powers 35 percent of all websites on the Internet, in part because it's so flexible and modular. It has a robust library of more than 50,000 plugins, each adding ...