It’s encouraging to see the WordPress development team pushing WordPress that much closer to outputting valid HTML code. WordPress 5.3 will be good for publishers and for SEO.

Developers of the widely used WordPress content management system intentionally delayed announcing that a recent patch fixed a severe vulnerability.

A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote code-execution, according to an analysis.

Hackers are utilizing the WordPress mu-plugins ("Must-Use Plugins") directory to stealthily run malicious code on every page while evading detection.

Vulnerabilities have been discovered in a popular WordPress plugin called Popup Builder which could allow unauthenticated attackers to inject malicious JavaScript code into popups in order to ...