ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Threat Post

PHP Applications, WordPress Subject to Ghost glibc Vulnerability

Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc. Less than 48 hours after the disclosure of the Ghost ...
Bleeping Computer

Over 90 WordPress themes, plugins backdoored in supply chain attack

A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites. In total, threat actors compromised 40 themes and 53 ...
Searchenginejournal.com

WordPress Proposes Plan for 61% of WP Sites Using Outdated PHP

PHP is the underlying scripting language that WordPress runs on. The most current version is PHP 7.3.7. PHP is continually updated to make it more efficient and to patch security issues. Except ...
ZDNet

WordPress to show warnings on servers running outdated PHP versions

The WordPress open-source content management system (CMS) will show warnings in its backend admin panel if the site runs on top of an outdated PHP version. The current plan is to have the warnings ...
The Droid Guy

How to Identify Which WordPress Plugin or Theme Is Blocking Your PHP Update and Preventing a Smooth Upgrade

If you’ve logged into your WordPress dashboard and seen the warning that your site is running on PHP 7.4.33, you’re not alone. This outdated version no longer receives security updates, which makes ...