The Hacker News Logo
Click to Subscribe

The Hacker News - Cybersecurity News and Analysis: Wordpress hacking

How Activity Logs Help WordPress Admins Better Manage Website Security

How Activity Logs Help WordPress Admins Better Manage Website Security
August 20, 2019The Hacker News
Managing a WordPress website can sap a lot of your time and energy, which otherwise you'd spend on managing your business. If you'...

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension
April 26, 2019Swati Khandelwal
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that ...

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress
April 23, 2019Swati Khandelwal
Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take...

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites
March 14, 2019Swati Khandelwal
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recom...

Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years

Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years
February 19, 2019Swati Khandelwal
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it's a brilliant idea to upgrade the content man...

WordPress Update Breaks Automatic Update Feature—Apply Manual Update

WordPress Update Breaks Automatic Update Feature—Apply Manual Update
February 09, 2018Mohit Kumar
WordPress administrators are once again in trouble. WordPress version 4.9.3 was released earlier this week with patches for a total 34...

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites
February 05, 2018Mohit Kumar
A simple yet serious application-level denial of service (DoS) vulnerability has been discovered in WordPress CMS platform that could all...

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites
December 20, 2017Swati Khandelwal
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. ...

Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password

Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password
May 04, 2017Mohit Kumar
WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset target...

Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability

Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability
February 08, 2017Swati Khandelwal
Last week, we reported about a critical zero-day flaw in WordPress that was silently patched by the company before hackers have had thei...

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs
October 09, 2015Swati Khandelwal
Most of the times, we have reported about WordPress vulnerabilities involving vulnerable plugins, but this time security researchers ha...

Thousands of Hacked WordPress Sites Abused to Infect Millions of Visitors

Thousands of Hacked WordPress Sites Abused to Infect Millions of Visitors
September 18, 2015Khyati Jain
A Large number of WordPress websites were compromised in last two weeks with a new malware campaign spotted in the wild. WordPress ...

WordPress Vulnerability Puts Millions of Websites At Risk

WordPress Vulnerability Puts Millions of Websites At Risk
May 07, 2015Swati Khandelwal
Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting (XSS) vul...

New Dark Web Marketplace Offers Zero-Day Exploits to Hackers

New Dark Web Marketplace Offers Zero-Day Exploits to Hackers
April 18, 2015Mohit Kumar
Hackers have sold secrets of zero-day exploits in the underground Dark Web marketplace such as the Silk Road and its various successors...

Own a WordPress Website? ISIS is After You — FBI warns

Own a WordPress Website? ISIS is After You — FBI warns
April 09, 2015Swati Khandelwal
If you run a self-hosted WordPress website, then you must Beware: "ISIS is after you." Yes, you heard right. The Unite...

'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability

'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability
March 21, 2015Wang Wei
Another popular WordPress plugin by Yoast has been found to be vulnerable to a critical flaw that could be exploited by hackers to hijack th...

WordPress Plugin Zero-Day Vulnerability Affects Thousands of Sites

WordPress Plugin Zero-Day Vulnerability Affects Thousands of Sites
February 05, 2015Swati Khandelwal
A critical zero-day vulnerability has been discovered in a popular WordPress plugin , called ' FancyBox for WordPress ', which i...

Millions of WordPress and Drupal Websites Vulnerable to DoS Attack

Millions of WordPress and Drupal Websites Vulnerable to DoS Attack
August 07, 2014Mohit Kumar
Users running the website on a self-hosted WordPress or on Drupal are strongly recommended to update their websites to the latest versio...
Exclusive Deals

Stay Informed — Newsletter Sign Up

Sign up for THN newsletter and get our latest stories delivered straight to your inbox.