Searchenginejournal.com

Vulnerabilities Discovered in Five WooCommerce WordPress Plugins

The U.S government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations. Many of the vulnerabilities ...
Threat Post

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

The shopping cart application contains a PHP object-injection bug. A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. This can lead to payment skimmers ...
CSOonline

WordPress 0-day content injection vulnerability

Today news broke of a particularly nasty zero day vulnerability in the WordPress REST API. The vulnerability in this case would allow for content injection as well as privilege escalation. This ...
Network World

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...
Threat Post

1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure

WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability. Attackers have taken a liking to a content-injection ...
Searchenginejournal.com

Facebook for WordPress Plugin Vulnerability Targets +500,000 Sites

Two vulnerabilities were patched in the Facebook for WordPress Plugin. The exploits could allow a malicious attacker to install backdoors, create administrator level accounts and stage a complete site ...