TechRadar

Flawed WordPress popup plugin allows attackers to inject malicious code

Vulnerabilities have been discovered in a popular WordPress plugin called Popup Builder which could allow unauthenticated attackers to inject malicious JavaScript code into popups in order to steal ...
CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.
PC World

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...
ZDNet

Thousands of WordPress sites backdoored with malicious code

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes. All compromises seem to follow a similar ...