A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 ...

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. A critical cross-site scripting (XSS) bug impacts WordPress sites running the Frontend File ...

The file in question was pulled by third-party dependency elFinder and used as a code reference. An extension added to the file, the rename of connector-minimal.php-dist to connector-minimal.php, was ...

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...

A severe vulnerability in the widely used Forminator WordPress plugin has been disclosed, exposing websites to the risk of arbitrary file deletion and potential site takeover. The flaw, which affects ...

Researchers from Patchstack find two new flaws in Fancy Product Designer The Radykal-built WordPress plugin has more than 20,000 active users The flaws allowed for remote code execution, arbitrary ...

WordPress plugin backdoor compromises 20,000+ sites through supply chain attack using blockchain evasion tactics and ...

More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws discovered in the HT Contact Form Widget for Elementor Page Builder & Gutenberg ...

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files ...