Threat Post

Newsletter WordPress Plugin Opens Door to Site Takeover

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites. Newsletter, a WordPress plugin with more than 300,000 installations, has a pair ...

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...
Bleeping Computer

Newsletter plugin bugs let hackers inject backdoors on 300K sites

Newsletter users are urged to update the plugin to the 6.8.3 version as soon as possible to block attacks designed to add rogue admins or to inject backdoors on their sites given that threat actors ...
Gadget Review on MSN

WordPress plugin backdoor hits 20K+ sites in supply chain attack

WordPress plugin backdoor compromises 20,000+ sites through supply chain attack using blockchain evasion tactics and ...
Searchenginejournal.com

Critical Vulnerability Found In Popular WordPress Newsletter Plugin

Web security firm, Sucuri, found a critical vulnerability in a WordPress plug-in that has over 1.7 million downloads. The vulnerability allows potential attackers to take complete control of blogs ...
GMA Network

Newsletter plugin vulnerability puts WordPress sites at risk

Make this your preferred source to get more updates from this publisher on Google. Bloggers using the WordPress platform may have to upgrade their sites soon lest they fall prey to a vulnerability in ...
PC World

Critical vulnerability in popular WordPress newsletter plug-in endangers many blogs

A critical vulnerability found in a WordPress plug-in that has been downloaded over 1.7 million times allows potential attackers to take complete control of blogs that use it. The flaw is located in ...