The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
techtimes

WordPress Plugins Hit by Supply Chain Cyberattack, Compromising Thousands of Websites

Several WordPress plugins have reportedly been backdoored in a cyberattack that gave hackers full access and other malicious functions to any website utilizing these plugins. According to researchers ...
TechRadar

Millions at risk as popular WordPress database plugin is targeted by hackers — here's what WordPress site owners need to know

A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline. The vulnerability, ...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.
Threat Post

AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover

A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users. The WordPress content management system (CMS) is offering admins more headaches this week, ...
Bleeping Computer

WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks

The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site’s database. WP Fastest Cache is a ...