wordpress Archives • Page 5 of 8 • Daily CyberSecurity

WordPress.org Free Services Suspended: What It Means for Users and Developers WordPress 6.9.2 WordPress 6.9.2 WordPress Security Update WordPress Security Update WordPress.org Suspended

WordPress 6.9.2 WordPress 6.9.2 WordPress Security Update WordPress Security Update WordPress.org Suspended

WordPress.org Free Services Suspended: What It Means for Users and Developers

Do Son December 24, 2024

Matt Mullenweg, WordPress co-founder and Automattic CEO, has pulled the plug on several key services for free...

Active Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks CVE-2024-11972 - Hunk Companion

Active Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks

Do Son December 12, 2024

A serious vulnerability in the Hunk Companion plugin for WordPress, tracked as CVE-2024-11972 (CVSS 9.8), has been...

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites CVE-2024-10542 and CVE-2024-10781

CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites

Do Son November 25, 2024

A recent report from the Wordfence Threat Intelligence Team has revealed two critical vulnerabilities in the Anti-Spam...

CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover

Do Son November 23, 2024

A critical-severity vulnerability has been discovered in FluentSMTP, a widely used WordPress plugin designed to optimize email...

PHP Reinfector Malware Wreaks Havoc on WordPress Sites Houzez theme - CVE-2024-22303 and CVE-2024-21743

PHP Reinfector Malware Wreaks Havoc on WordPress Sites

Do Son November 15, 2024

In an in-depth investigation, Puja Srivastava, a security analyst at Sucuri, recently uncovered a sophisticated PHP reinfector...

CVE-2024-10924 (CVSS 9.8): Authentication Bypass in Really Simple Security Plugin Affects 4 Million Sites

Do Son November 14, 2024

The Wordfence Threat Intelligence team identified a severe authentication bypass vulnerability (CVE-2024-10924) in the Really Simple Security...

Over 6 Million Sites at Risk: Severe Privilege Escalation Flaw CVE-2024-50550 in LiteSpeed Cache Plugin

Do Son October 30, 2024

Rafie Muhammad, a Security Researcher at Patchstack, reveals a severe security vulnerability in the LiteSpeed Cache plugin—a...

CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk

Do Son October 26, 2024

A critical authentication bypass vulnerability has been discovered in wpDiscuz, a widely used WordPress plugin with over...

CVE-2024-9634 (CVSS 9.8): Critical GiveWP Flaw Exposes 100,000+ WordPress Sites to RCE

Do Son October 15, 2024

A critical security vulnerability (CVE-2024-9634) has been discovered and patched in GiveWP, a popular WordPress donation plugin...

Critical Security Vulnerability in Jetpack Plugin Affects Millions of WordPress Websites Jetpack vulnerability

Critical Security Vulnerability in Jetpack Plugin Affects Millions of WordPress Websites

Do Son October 14, 2024

Jetpack, a popular WordPress plugin developed by Automattic, has released a critical security update today, addressing a...

CVE-2024-43917 (CVSS 9.3): Unpatched SQLi Flaw in TI WooCommerce Wishlist Threatens 100,000+ Sites TI WooCommerce Wishlist - CVE-2024-43917

CVE-2024-43917 (CVSS 9.3): Unpatched SQLi Flaw in TI WooCommerce Wishlist Threatens 100,000+ Sites

Do Son September 27, 2024

A critical security vulnerability has been discovered in the widely-used WordPress plugin, TI WooCommerce Wishlist, potentially exposing...

Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over 90,000 Sites Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over 90,000 Sites

Do Son September 26, 2024

Security researchers have uncovered two critical vulnerabilities in the Jupiter X Core WordPress plugin, impacting over 90,000...

BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign DragonRank - BadIIS malware

BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign

Do Son September 15, 2024

A recent report from Cisco Talos has exposed a new threat actor named DragonRank, a Chinese-speaking group...

DarkCracks: A New Stealthy Malware Framework Exploiting GLPI and WordPress

Do Son September 5, 2024

Cybersecurity researchers from QiAnXin have uncovered an advanced malware campaign named DarkCracks, which exploits vulnerabilities in compromised...

CVE-2024-44000 (CVSS 9.8): Litespeed Cache flaw exposes millions of WordPress sites to takeover attacks

Do Son September 5, 2024

A significant security vulnerability has been uncovered in the popular LiteSpeed Cache plugin for WordPress, which boasts...

CVE-2024-6386 (CVSS 9.9) in WPML Plugin Exposes Millions of WordPress Sites to RCE Attacks

Do Son August 26, 2024

A severe security flaw (CVE-2024-6386, CVSS 9.9) has been discovered in the widely-used WPML plugin for WordPress,...

Vuls: A Comprehensive Vulnerability Management Solution for Modern IT Environments vuls-abstract

Vuls: A Comprehensive Vulnerability Management Solution for Modern IT Environments

Do Son August 10, 2024

The ever-growing complexity of modern IT infrastructure, coupled with the relentless proliferation of cyber threats, places a...

CVE-2024-6457 (CVSS 9.8): Critical Flaw in HUSKY Plugin Threatens 100K+ WooCommerce Stores

Do Son July 16, 2024

A critical vulnerability has been discovered in the widely-used WordPress plugin, HUSKY – Products Filter Professional for...

CVE-2024-6695 (CVSS 9.8) in Popular WordPress Plugin Exposes 50,000 Sites to Admin Hijacking

Do Son July 15, 2024

Security researcher John Castro has uncovered a critical vulnerability (CVE-2024-6695) in Profile Builder, a widely used WordPress...

Hackers are Actively Exploiting CVE-2024-5441 Flaw, 150,000 Sites at Risk

Do Son July 8, 2024

A severe vulnerability (CVE-2024-5441) has been discovered in the widely used WordPress plugin Modern Events Calendar, leaving...

Critical Alert 1 Active Exploit Detected Today