TechCrunch

In latest move against WP Engine, WordPress takes control of ACF plug-in

The dispute between WordPress founder Matt Mullenweg and hosting provider WP Engine continues, with Mullenweg announcing that WordPress is “forking” a plug-in developed by WP Engine. Specifically, ...
Digital Trends

A new WordPress bug may have left 2 million sites vulnerable

A flaw in two WordPress custom plug-ins leaves users vulnerable to cross-site scripting attacks (XSS), according to a recent report. The flaw, called CVE-2023-30777 was discovered on May 2 and was ...
Dark Reading

Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover

A WordPress plug-in installed on more than 4 million websites exposes them to full administrative takeover through a scripting flaw that potentially can be used to launch large-scale automated attacks ...
PC World

Flaw in popular WordPress plug-in Jetpack puts over a million websites at risk

Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks. Jetpack is a popular plug-in that offers ...
Dark Reading

Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to Takeover

A critical unauthenticated remote control execution (RCE) bug in a backup plug-in that's been downloaded more than 90,000 times exposes vulnerable WordPress sites to takeover — another example of the ...