Searchenginejournal.com

WordPress Gutenberg Template Library Plugin Vulnerability Affects +1 Million Sites

A third party WordPress Gutenberg Template Library plugin with over a million users was discovered to have two vulnerabilities. Successful exploitation of these vulnerabilities could create an ...

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.
Threat Post

Critical WordPress Plugin Bug Can Lock Admins Out of Websites

A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors. A pair of security vulnerabilities in the WordPress search engine ...
Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...
HotHardware

Alarming WordPress Plugin Security Flaw Leaves 2M Sites Vulnerable To Attack

A WordPress plugin with over 2 million active installations left its users open to an alarming security flaw. The popular Advanced Custom Fields (ACF) plugin by WP Engine allows WordPress admins to ...
TechRadar

Yet another WordPress plugin puts hundreds of thousands of sites at risk

Another day, another WordPress plugin vulnerability that affects hundreds of thousands of websites. This latest issue, a reflected cross-site scripting (XSS) vulnerability, was discovered by the ...