ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
The Next Web

WordPress.org forces password reset after suspicious plugin activity

After noticing some suspicious commits to popular WordPress plugins today in the main WordPress.org repository, passwords are being reset for all users of WordPress.org, bbPress.org and BuddyPress.org ...
Bleeping Computer

Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites

A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. It impacts only premium ...
TechRadar

This WordPress vulnerability could let hackers hijack your entire site

A WordPress plugin has been discovered to contain “easily exploitable” security issues that could be leveraged by an attacker to gain complete control over vulnerable websites. The plugin is called WP ...