Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Threat Post

WordPress Yellow Pencil Plugin Flaws Actively Exploited

Yet another Wordpress plugin, Yellow Pencil Visual Theme Customizer, is being exploited in the wild after two software vulnerabilities were discovered. The maker of a WordPress plugin, Yellow Pencil ...
Dark Reading

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

Attackers are actively exploiting a critical vulnerability in BackupBuddy, a WordPress plug-in that an estimated 140,000 websites are using to back up their installations. The vulnerability allows ...
Threat Post

Exploits for Social Warfare WordPress Plugin Reach Critical Mass

More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild. Active exploits for a recently disclosed bug in a popular WordPress plugin, Social ...