The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: WordPress Vulnerability

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

April 03, 2019Swati Khandelwal
If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secre...
New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

March 14, 2019Swati Khandelwal
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recom...
Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

November 15, 2018Mohit Kumar
A security researcher has disclosed details of a critical vulnerability in one of the popular and widely active plugins for WordPress th...
Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

November 07, 2018Swati Khandelwal
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could comp...
Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

June 27, 2018Mohit Kumar
UPDATE— WordPress has released version 4.9.7 to finally patch this vulnerability that could allow remote attackers to gain full control ...
WordPress Update Breaks Automatic Update Feature—Apply Manual Update

WordPress Update Breaks Automatic Update Feature—Apply Manual Update

February 09, 2018Mohit Kumar
WordPress administrators are once again in trouble. WordPress version 4.9.3 was released earlier this week with patches for a total 34...
WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

July 01, 2017Wang Wei
A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, whic...
Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password

Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password

May 04, 2017Mohit Kumar
WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset target...
WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs

October 09, 2015Swati Khandelwal
Most of the times, we have reported about WordPress vulnerabilities involving vulnerable plugins, but this time security researchers ha...
Hacking WordPress Website with Just a Single Comment

Hacking WordPress Website with Just a Single Comment

April 28, 2015Swati Khandelwal
Most of the time, we have reported about WordPress vulnerabilities involving vulnerable plugins, but this time a Finnish security resear...
Own a WordPress Website? ISIS is After You — FBI warns

Own a WordPress Website? ISIS is After You — FBI warns

April 09, 2015Swati Khandelwal
If you run a self-hosted WordPress website, then you must Beware: "ISIS is after you." Yes, you heard right. The Unite...
'WordPress SEO by Yoast' Plugin Vulnerability Affects Millions

'WordPress SEO by Yoast' Plugin Vulnerability Affects Millions

March 11, 2015Mohit Kumar
A critical vulnerability has been discovered in the most popular plugin of the WordPress content management platform (CMS) that puts te...
GHOST glibc Vulnerability Affects WordPress and PHP applications

GHOST glibc Vulnerability Affects WordPress and PHP applications

January 30, 2015Swati Khandelwal
After the disclosure of extremely critical GHOST vulnerability in the GNU C library (glibc) — a widely used component of most Linux distri...
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.