Wordfence Archives • Daily CyberSecurity

Kirki Plugin Vulnerability: 150K WordPress Sites Face Critical 9.8 CVSS Privilege Escalation in the Wild Kirki plugin vulnerability WordPress account takeover

Kirki plugin vulnerability WordPress account takeover

Kirki Plugin Vulnerability: 150K WordPress Sites Face Critical 9.8 CVSS Privilege Escalation in the Wild

Do Son June 2, 2026

An active cyber threat is targeting thousands of website environments globally. Specifically, a critical Kirki plugin vulnerability...

Critical WP Maps Pro Vulnerability Actively Exploited in the Wild WP Maps Pro vulnerability exploited in the wild

Critical WP Maps Pro Vulnerability Actively Exploited in the Wild

Do Son May 28, 2026

Recently, a major security threat emerged within the WordPress ecosystem. Attackers are actively targeting a critical flaw...

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild

Do Son May 14, 2026

In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has...

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild WordPress RCE Breeze Plugin Vulnerability

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild

Do Son April 23, 2026

A major security threat is currently sweeping through the WordPress ecosystem. Breeze, a highly popular caching plugin...

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack Ninja Forms RCE WordPress Vulnerability

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

Do Son April 6, 2026

In a major alert for the WordPress community, a critical security flaw has been disclosed in the...

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover Perfmatters Vulnerability WordPress Site Takeover

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover

Do Son April 3, 2026

Researchers expose a critical vulnerability in Perfmatters, a popular performance-optimization WordPress plugin with over 200,000 active installations....

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

Do Son March 26, 2026

The attackers begin actively exploiting a critical vulnerability in Kali Forms, a popular drag-and-drop form builder WordPress...

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites Ally Plugin Vulnerability SQL Injection

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

Do Son March 11, 2026

A high-severity SQL Injection vulnerability was found in Ally, a popular web accessibility and usability WordPress plugin....

Sabotage & Exploited in the Wild: Critical Backdoor Found in LA-Studio Element Kit CVE-2022-45359 LA-Studio Element Kit Backdoor CVE-2026-0920

Sabotage & Exploited in the Wild: Critical Backdoor Found in LA-Studio Element Kit

Do Son January 23, 2026

A critical security incident has rocked the WordPress community after a “backdoor” vulnerability was discovered in the...

CVE-2025-15521 (CVSS 9.8): Critical Academy LMS Flaw Exploited for Admin Takeover Academy LMS Vulnerability CVE-2025-15521

CVE-2025-15521 (CVSS 9.8): Critical Academy LMS Flaw Exploited for Admin Takeover

Do Son January 22, 2026

A critical security vulnerability has been unearthed in the Academy LMS plugin for WordPress, a popular tool...

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover ACF Extended Vulnerability CVE-2025-14533

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover

Do Son January 20, 2026

A critical security vulnerability has been discovered in Advanced Custom Fields: Extended, a popular WordPress plugin with...

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover

Do Son December 3, 2025

A critical security flaw in a popular WordPress plugin has triggered a massive wave of exploitation attempts,...

Actively Exploited: Critical Flaw CVE-2025-5947 (CVSS 9.8) Allows Unauthenticated Admin Takeover in WordPress Plugin FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

FortiClient EMS exploitation Cisco FIRESTARTER Backdoor Arcane Door Campaign Dell RecoverPoint Zero-Day UNC6201 Espionage Notepad++ Compromise Supply Chain Attack Magento SessionReaper CVE-2025-54236 ShadowRay 2.0, AI-Generated Malware WordPress Auth Bypass, CVE-2025-5947 Exploited EcoStruxure Vulnerabilities, Industrial Control System UNC5820 - CVE-2014-2120 - CVE-2021-44207

Actively Exploited: Critical Flaw CVE-2025-5947 (CVSS 9.8) Allows Unauthenticated Admin Takeover in WordPress Plugin

Do Son October 8, 2025

Security researchers at Wordfence have issued an urgent warning about an actively exploited authentication bypass vulnerability in...

Actively Exploited: Critical Flaw CVE-2025-6388 (CVSS 9.8) Allows Authentication Bypass in WordPress Plugin WordPress Auth Bypass, CVE-2025-6388 Exploited

WordPress Auth Bypass, CVE-2025-6388 Exploited

Actively Exploited: Critical Flaw CVE-2025-6388 (CVSS 9.8) Allows Authentication Bypass in WordPress Plugin

Do Son October 3, 2025

A newly disclosed vulnerability in the Spirit Framework plugin for WordPress has put thousands of websites at...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CVE-2025-5821: Critical Authentication Bypass in WordPress Case Theme User Plugin Exploited in the Wild

Do Son September 16, 2025

Hackers are exploiting a critical authentication bypass vulnerability in the Case Theme User plugin, a WordPress plugin...

SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks WordPress Plugin, Arbitrary File Deletion

WordPress Plugin, Arbitrary File Deletion

SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks

Do Son July 10, 2025

A critical vulnerability in the SureForms WordPress plugin—which has over 200,000 active installations—has exposed websites to a...

CVE-2025-6463: Unauthenticated Arbitrary File Deletion in Forminator Plugin Exposes Over 600,000 WordPress Sites to Remote Takeover WordPress Plugin, Arbitrary File Deletion

CVE-2025-6463: Unauthenticated Arbitrary File Deletion in Forminator Plugin Exposes Over 600,000 WordPress Sites to Remote Takeover

Do Son July 2, 2025

A newly disclosed high-severity vulnerability in the popular Forminator plugin threatens the security of hundreds of thousands...

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials WordPress Malware, Credit Card Skimming

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Do Son June 25, 2025

The Wordfence Threat Intelligence Team has unveiled a powerful malware framework operating under the guise of a...

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Do Son June 20, 2025

Last month, a critical vulnerability was reported to Wordfence that now threatens more than 22,000 WordPress websites...

WordPress AI Engine Flaw (CVE-2025-5071): Critical Bug Allows Subscriber-Level Account Takeover WordPress Privilege Escalation CVE-2026-1492 Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

WordPress Privilege Escalation CVE-2026-1492 Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

WordPress AI Engine Flaw (CVE-2025-5071): Critical Bug Allows Subscriber-Level Account Takeover

Do Son June 19, 2025

Security researchers at Wordfence have uncovered a vulnerability in the popular AI Engine plugin for WordPress, which...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Wordfence

Kirki Plugin Vulnerability: 150K WordPress Sites Face Critical 9.8 CVSS Privilege Escalation in the Wild

Critical WP Maps Pro Vulnerability Actively Exploited in the Wild

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

Sabotage & Exploited in the Wild: Critical Backdoor Found in LA-Studio Element Kit

CVE-2025-15521 (CVSS 9.8): Critical Academy LMS Flaw Exploited for Admin Takeover

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover

Actively Exploited: Critical Flaw CVE-2025-5947 (CVSS 9.8) Allows Unauthenticated Admin Takeover in WordPress Plugin

Actively Exploited: Critical Flaw CVE-2025-6388 (CVSS 9.8) Allows Authentication Bypass in WordPress Plugin

CVE-2025-5821: Critical Authentication Bypass in WordPress Case Theme User Plugin Exploited in the Wild

SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks

CVE-2025-6463: Unauthenticated Arbitrary File Deletion in Forminator Plugin Exposes Over 600,000 WordPress Sites to Remote Takeover

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

WordPress AI Engine Flaw (CVE-2025-5071): Critical Bug Allows Subscriber-Level Account Takeover