A vulnerability in the WP Maps Pro WordPress plugin has been exploited to create admin accounts and take over vulnerable sites.

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

WordPress 7.0 exposes AI API keys. Security researcher says there "will be an absolute rush by hackers to steal API keys" ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Experts find a way to trick Forminator into deleting a core WordPress file This process would trigger the site's setup, where hackers can take it over A patch is available, and users are advised to ...

Learn how to secure your WordPress website in 2026 with this complete security checklist, including malware protection, login security, backups, plugins, firewalls, and more.

The recent travails of WordPress have caused consternation among the web community that relies on the platform, which powers more than four in ten websites online today. Now, a coalition of prominent ...

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. A vulnerability in a widely used WordPress ...