WordPress Vulnerability in Essential Addons for Elementor
1+ Million WordPress sites affected by vulnerabilities that could lead to remote code execution attacks
All In One SEO Vulnerability Affects +3 Million Sites
All In One SEO Plugin patched SQL Injection vulnerability that could expose privileged database information
cPanel Plugin Contains Log4j Vulnerability
cPanel plugin contains the critically vulnerable log4j library affected by what is being called a catastrophic vulnerability
Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide
The vulnerability, listed as CVE-2021-44228 in Apache Log4j Security Vulnerabilities, enables remote attackers to take control of an affected system.
WordPress Template Plugin Vulnerability Hits +1 Million Sites
WordPress plugin by the makers of Astra Theme patched an XSS vulnerability that can lead to total site takeover and attacks on site visitors
WordPress Plugin OptinMonster Vulnerability Affects +1 Million Sites
WordPress Plugin OptinMonster Vulnerability exposes publishers to full site takeover and threat of malicious downloads
WordPress Facebook Feed Plugin Vulnerability Exposes 200,000+ Websites
Smash Balloon Social Post Feed WordPress plugin vulnerability exposes over 200,000 websites to Stored XSS vulnerability
WordPress Ninja Forms Vulnerability Exposes Over a Million Sites
WordPress Ninja Forms vulnerability can lead to a full site take over and phishing scams
WordPress Gutenberg Template Library Plugin Vulnerability Affects +1 Million Sites
Two vulnerabilities in the Gutenberg Template Library & Redux Framework plugin have been discovered to be vulnerable. Over 1 million sites are affected
WordPress SEOPress Plugin Vulnerability
WordPress security company discloses an XSS Vulnerability affects SEOPress that could lead to a full site takeover
WooCommerce Vulnerability Affects Millions of WordPress Sites
WooCommerce announced a patch for a critical vulnerability that is rolling out as a forced update. Publishers urged to check if updated
WordPress 5.7.2 Patches a Critical Vulnerability
WordPress released an update to patch an Object Injection Vulnerability rated by the National Vulnerability Database as critical.
WordPress Autoptimize Plugin Vulnerability Affects +1 Million Sites
Website Optimization Plugin Autoptimize contains a Stored XSS vulnerability. A patch has been released to fix the problem.
WordPress Ultimate Addons for Elementor Vulnerability Affects +1 Million
Two Brainstorm Force addon plugins for Elementor were discovered to have vulnerabilities affecting over a million websites.
Facebook for WordPress Plugin Vulnerability Targets +500,000 Sites
Two exploits affecting the popular Facebook for WordPress plugin can lead to a total site takeover and malicious backdoors
WordPress Elementor Vulnerability Affects +7 Million
Stored Cross-site Scripting Vulnerability on WordPress page builder plugin Elementor can enable a full site takeover
WP Super Cache Vulnerability Affects Over 2 Million Sites
Authenticated Remote Code Execution Vulnerability Discovered in WP Super Cache. Although low severity it’s recommended all users update now.
The Plus Addons for Elementor Critical Vulnerability
Zero Day total site takeover exploit discovered in popular WordPress plugin for Elementor page builder
Contact Form 7 Vulnerability in +5 Million Sites
A serious vulnerability was patched in Contact Form 7 that allows attackers to upload malicious scripts.
WordPress Redux Plugin Vulnerability Affects +1 Million Sites
Redux Gutenberg Blocks Library & Framework, with over 1 million active users, patched a CSRF vulnerability
WordPress Easy WP SMTP Plugin Vulnerability
Popular WordPress plugin with over 500,000 active installations was recently patched to fix an exploit that grants hackers complete control.
WordPress Ultimate Member Plugin Vulnerability
Ultimate Member WordPress plugin issued a patch for three critical and severe exploits that grant attackers total control of a site.
Loginizer WordPress Vulnerability Affects +1 Million Sites
Popular WordPress security plugin Loginizer patched two security issues, including a SQL Injection.
WP Bakery WordPress Vulnerability Affects Millions of Sites
WP Bakery Page Builder WordPress plugin vulnerability affects over 4 million sites.
Divi WordPress Theme Vulnerability
Critical vulnerability discovered in Elegant Themes Divi and Extra Themes as well as in the Divi Builder WordPress plugin.
All in One SEO Pack Vulnerability – New Exploit
Researchers discovered a vulnerability in All in One SEO Pack. Exploit could allow a total takeover of a WordPress website.
Google Site Kit WordPress Plugin Vulnerability
Critical vulnerability discovered in Google Site Kit WordPress plugin.
Elementor Pro Critical Vulnerability
Critical vulnerabilities in Elementor Pro allows hacker control of website
Ninja Forms Plugin Vulnerability
Ninja Forms WordPress Plugin patches a high severity vulnerability.