WordPress Advanced Custom Fields Extended Plugin Vulnerability

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...
TechRadar

This popular WordPress security plugin has a worrying flaw which exposed user data

WordPress plugin flaw let low-privileged users access sensitive server files and credentials CVE-2025-11705 affects plugin versions 4.23.81 and earlier; patch released October 15 About 50,000 sites ...
TechRadar

Nasty WordPress plugin bugs could allow attackers to register as site admins

Security researchers have discovered critical yet easily exploitable vulnerabilities in a popular WordPress plugin that can be abused to upload arbitrary files to affected websites. In their breakdown ...