A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline. The vulnerability, ...
The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a ...
A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting ...
An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials. Attackers were spotted targeting ...
Researcher Ryan Dewhurst released the WPScan Vulnerability Database, a database housing security vulnerabilities in WordPress core code, plug-ins and themes. It’s available for pen-testers, WordPress ...
A large scale attack targeted hundreds of thousands of WordPress websites over the course of 24 hours, attempting to harvest database credentials by stealing config files after abusing known XSS ...
Researchers have uncovered two backdoors planted on compromised WordPress websites that were designed to generate ...
Security researcher Jason A. Donenfeld has revealed a security hole in a popular WordPress plugin that could be used to obtain sensitive data from an affected site. The flaw was discovered in W3 Total ...
The United States National Vulnerability Database (NVD) announced that the Thirsty Affiliate Link Manager WordPress plugin has two vulnerabilities that can allow a hacker to inject links. Additionally ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback