wordpress Archives • Page 4 of 7 • Daily CyberSecurity

CVE-2025-26776 (CVSS 10) in Chaty Pro Plugin Exposes Thousands of WordPress Sites to Takeover

Do Son March 5, 2025

A critical vulnerability has been discovered in the Chaty Pro plugin for WordPress, potentially allowing attackers to...

CVE-2025-0912: Critical Flaw Exposes Over 100,000 WordPress Donation Sites to RCE

Do Son March 4, 2025

A severe security vulnerability has been discovered in GiveWP, the popular WordPress donation plugin, putting over 100,000...

CVE-2025-24752: Massive WordPress Plugin Vulnerability Exposes Millions to XSS Attacks

Do Son February 25, 2025

A high-severity security flaw has been discovered in the widely used WordPress plugin, Essential Addons for Elementor,...

CVE-2025-1128: Everest Forms Plugin Exposes 100,000+ WordPress Sites to Complete Takeover

Do Son February 24, 2025

A severe security vulnerability, tracked as CVE-2025-1128, has been uncovered in the popular WordPress plugin, Everest Forms,...

CVE-2024-12562: Critical s2Member Pro Flaw Leaves Millions of WordPress Sites Vulnerable

Do Son February 17, 2025

A critical security vulnerability has been discovered in the popular s2Member Pro plugin for WordPress, potentially affecting...

Critical CVE-2024-10960 Flaw in Brizy Plugin Puts 80,000 WordPress Sites at Risk

Do Son February 15, 2025

A critical vulnerability has been discovered in the popular Brizy – Page Builder plugin for WordPress, potentially...

Hackers Can Take Over 30,000 WordPress Sites Due to Critical CleanTalk Security Flaw (CVE-2024-13365)

Do Son February 13, 2025

A critical arbitrary file upload vulnerability has been discovered in the Security & Malware scan by CleanTalk...

Popular WordPress Real Estate Theme Vulnerable to Complete Site Takeover, No Patch CVE-2024-32444 & CVE-2024-32555

Popular WordPress Real Estate Theme Vulnerable to Complete Site Takeover, No Patch

Do Son January 24, 2025

A popular WordPress theme used by real estate websites has been found to contain critical security vulnerabilities...

CVE-2024-12365: Popular WordPress Caching Plugin Exposes Millions of Sites to Attack

Do Son January 15, 2025

Over a million WordPress websites are at risk due to a high-severity vulnerability discovered in the popular...

Over 5,000 WordPress Sites Infected in WP3.XYZ Malware Attack

Do Son January 14, 2025

A widespread malware campaign has been uncovered, targeting over 5,000 WordPress websites globally. The campaign, traced back...

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign GroupGreeting e-card - “zqxq” campaign

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign

Do Son January 11, 2025

The popular e-card platform GroupGreeting.com, used by major companies such as Airbnb, Coca-Cola, and eBay, recently fell...

Stealthy Malware Hides in WordPress Database, Steals Payment Data Credit Card Skimmer

Stealthy Malware Hides in WordPress Database, Steals Payment Data

Do Son January 9, 2025

A new breed of credit card skimming malware has been discovered, targeting WordPress checkout pages with alarming...

Beware of PhishWP: New WordPress Plugin Targets Online Shoppers WordPress Backdoor

Beware of PhishWP: New WordPress Plugin Targets Online Shoppers

Do Son January 6, 2025

Imagine browsing a seemingly legitimate e-commerce site, entering your payment details, and confidently completing a purchase, only...

CVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits WordPress POP chain attack - CVE-2024-10957

WordPress POP chain attack - CVE-2024-10957

CVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits

Do Son January 4, 2025

A newly discovered vulnerability in the UpdraftPlus Backup & Migration Plugin, used by over 3 million WordPress...

WordPress.org Free Services Suspended: What It Means for Users and Developers WordPress 6.9.2 WordPress 6.9.2 WordPress Security Update WordPress Security Update WordPress.org Suspended

WordPress 6.9.2 WordPress 6.9.2 WordPress Security Update WordPress Security Update WordPress.org Suspended

WordPress.org Free Services Suspended: What It Means for Users and Developers

Do Son December 24, 2024

Matt Mullenweg, WordPress co-founder and Automattic CEO, has pulled the plug on several key services for free...

Active Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks CVE-2024-11972 - Hunk Companion

Active Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks

Do Son December 12, 2024

A serious vulnerability in the Hunk Companion plugin for WordPress, tracked as CVE-2024-11972 (CVSS 9.8), has been...

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites CVE-2024-10542 and CVE-2024-10781

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites

Do Son November 25, 2024

A recent report from the Wordfence Threat Intelligence Team has revealed two critical vulnerabilities in the Anti-Spam...

CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover

Do Son November 23, 2024

A critical-severity vulnerability has been discovered in FluentSMTP, a widely used WordPress plugin designed to optimize email...

PHP Reinfector Malware Wreaks Havoc on WordPress Sites Houzez theme - CVE-2024-22303 and CVE-2024-21743

PHP Reinfector Malware Wreaks Havoc on WordPress Sites

Do Son November 15, 2024

In an in-depth investigation, Puja Srivastava, a security analyst at Sucuri, recently uncovered a sophisticated PHP reinfector...

CVE-2024-10924 (CVSS 9.8): Authentication Bypass in Really Simple Security Plugin Affects 4 Million Sites

Do Son November 14, 2024

The Wordfence Threat Intelligence team identified a severe authentication bypass vulnerability (CVE-2024-10924) in the Really Simple Security...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

wordpress

CVE-2025-26776 (CVSS 10) in Chaty Pro Plugin Exposes Thousands of WordPress Sites to Takeover

CVE-2025-0912: Critical Flaw Exposes Over 100,000 WordPress Donation Sites to RCE

CVE-2025-24752: Massive WordPress Plugin Vulnerability Exposes Millions to XSS Attacks

CVE-2025-1128: Everest Forms Plugin Exposes 100,000+ WordPress Sites to Complete Takeover

CVE-2024-12562: Critical s2Member Pro Flaw Leaves Millions of WordPress Sites Vulnerable

Critical CVE-2024-10960 Flaw in Brizy Plugin Puts 80,000 WordPress Sites at Risk

Hackers Can Take Over 30,000 WordPress Sites Due to Critical CleanTalk Security Flaw (CVE-2024-13365)

Popular WordPress Real Estate Theme Vulnerable to Complete Site Takeover, No Patch

CVE-2024-12365: Popular WordPress Caching Plugin Exposes Millions of Sites to Attack

Over 5,000 WordPress Sites Infected in WP3.XYZ Malware Attack

GroupGreeting E-Card Platform Compromised in “zqxq” Campaign

Stealthy Malware Hides in WordPress Database, Steals Payment Data

Beware of PhishWP: New WordPress Plugin Targets Online Shoppers

CVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits

WordPress.org Free Services Suspended: What It Means for Users and Developers

Active Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites

CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover

PHP Reinfector Malware Wreaks Havoc on WordPress Sites

CVE-2024-10924 (CVSS 9.8): Authentication Bypass in Really Simple Security Plugin Affects 4 Million Sites