A popular WordPress plugin was found carrying two flaws that can cause data leaks.

Two newly disclosed vulnerabilities in the Avada Builder WordPress plugin have placed around one million sites at risk of arbitrary file read and SQL injection attacks. According to analysis from ...

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. A vulnerability in a widely used WordPress ...

In a nutshell: Many WordPress plugins are designed to enhance the content management system's ability to quickly and easily share content from almost anywhere on the internet. But one popular ...

A high-severity vulnerability was discovered and patched in the All-in-One WP Migration and Backup plugin, which has over five million installations. The vulnerability requires no user authentication, ...

WP Fastest Cache, a WordPress plugin currently in use by over 1 million users that assists in more efficiently delivering their websites, is addressing a security issue with its 1.2.2 release. This ...

A vulnerability advisory was issued for a WordPress plugin that saves contact form submissions. The flaw enables unauthenticated attackers to delete files, launch a denial of service attack, or ...