WordPress powers a significant share of the web, and for good reason. It is flexible, well supported and capable of handling everything from a simple brochure site to a full ecommerce platform. But ...

HDAnalytics is a fast, cookieless WordPress analytics plugin delivering actionable insights, full GDPR/CCPA compliance, ...

WPvivid Backup & Migration plugin allows for arbitrary file upload which can lead to remote code execution.

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...

The new Link Fixer plugin for WordPress uses the Wayback Machine to prevent dead links, keeping old posts and references accessible for readers.

Critical bug in ACF: Extended WordPress plugin allows arbitrary role escalation to administrator About 50,000 WordPress sites are vulnerable despite patch in version 0.9.2.2 No exploitation reported ...

Patchstack found critical Modular DS flaw (CVE-2026-23550) allowing admin bypass Vulnerability scored 10/10 and is already being exploited in the wild Vendor released fix in version 2.5.2; users urged ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites. A vulnerability in the Forminator WordPress plugin could allow attackers ...