The Hacker News Logo
Click to Subscribe

The Hacker News - Cybersecurity News and Analysis: WordPress

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites
December 13, 2019Swati Khandelwal
Attention WordPress users! Your website could easily get hacked if you are using " Ultimate Addons for Beaver Builder ," or &...

How Activity Logs Help WordPress Admins Better Manage Website Security

How Activity Logs Help WordPress Admins Better Manage Website Security
August 20, 2019The Hacker News
Managing a WordPress website can sap a lot of your time and energy, which otherwise you'd spend on managing your business. If you'...

New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions
June 11, 2019Mohit Kumar
Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, whi...

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension
April 26, 2019Swati Khandelwal
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that ...

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress
April 23, 2019Swati Khandelwal
Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take...

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites
April 03, 2019Swati Khandelwal
If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secre...

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites
March 14, 2019Swati Khandelwal
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recom...

Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years

Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years
February 19, 2019Swati Khandelwal
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it's a brilliant idea to upgrade the content man...

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now
November 15, 2018Mohit Kumar
A security researcher has disclosed details of a critical vulnerability in one of the popular and widely active plugins for WordPress th...

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site
June 27, 2018Mohit Kumar
UPDATE— WordPress has released version 4.9.7 to finally patch this vulnerability that could allow remote attackers to gain full control ...

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites
December 20, 2017Swati Khandelwal
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. ...

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack
July 01, 2017Wang Wei
A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, whic...

Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability

Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability
February 08, 2017Swati Khandelwal
Last week, we reported about a critical zero-day flaw in WordPress that was silently patched by the company before hackers have had thei...

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!
February 02, 2017Swati Khandelwal
Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerabil...

WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain

WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain
April 09, 2016Swati Khandelwal
Do you own a custom domain or a blog under the wordpress.com domain name? If yes, then there is good news for you. WordPress is ...

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability
July 23, 2015Swati Khandelwal
WordPress has just released the new version of its content management system (CMS), WordPress version 4.2.3 , to fix a critical security...

WordPress Analytics Plugin Leaves 1.3 Million Sites Vulnerable to Hackers

WordPress Analytics Plugin Leaves 1.3 Million Sites Vulnerable to Hackers
February 25, 2015Mohit Kumar
A critical vulnerability has been discovered in one of the most popular plugins of the the WordPress content management platform that pu...

GHOST glibc Vulnerability Affects WordPress and PHP applications

GHOST glibc Vulnerability Affects WordPress and PHP applications
January 30, 2015Swati Khandelwal
After the disclosure of extremely critical GHOST vulnerability in the GNU C library (glibc) — a widely used component of most Linux distri...

Website Backdoor Scripts Leverage the Pastebin Service

Website Backdoor Scripts Leverage the Pastebin Service
January 08, 2015Mohit Kumar
The popular copy and paste website ' Pastebin ' created a decade ago for software developers and even by hackers groups to share...

'SoakSoak' Malware Compromises 100,000 WordPress Websites

'SoakSoak' Malware Compromises 100,000 WordPress Websites
December 15, 2014Swati Khandelwal
The users of WordPress , a free and open source blogging tool as well as content management system (CMS), are being informed of a widesp...
Exclusive Deals

Stay Informed — Newsletter Sign Up

Sign up for THN newsletter and get our latest stories delivered straight to your inbox.