ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
ZDNet

WordPress plugin vulnerability can be exploited for total website takeover

A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...
Bleeping Computer

Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites

A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. It impacts only premium ...
Searchenginejournal.com

WordPress Easy WP SMTP Plugin Vulnerability

Popular WordPress plugin Easy WP SMTP plugin, with over 500,000 active installations, just patched a vulnerability that allows an attacker to take control of a site. The flaw in the WordPress plugin ...
Searchenginejournal.com

WordPress Takes A Bite Out Of Plugin Attacks

WordPress announced over the weekend that they were pausing plugin updates and initiating a force reset on plugin author passwords in order to prevent additional website compromises due to the ongoing ...