The Hacker News Logo
Subscribe to Newsletter

The Hacker News – Most Popular Cyber Security, Hacking News Site: wordpress security

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site
June 26, 2018Mohit Kumar
UPDATE— WordPress has released version 4.9.7 to finally patch this vulnerability that could allow remote attackers to gain full control ...

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites
February 05, 2018Mohit Kumar
A simple yet serious application-level denial of service (DoS) vulnerability has been discovered in WordPress CMS platform that could all...

Nearly 2000 WordPress Websites Infected with a Keylogger

Nearly 2000 WordPress Websites Infected with a Keylogger
January 29, 2018Swati Khandelwal
More than 2,000 WordPress websites have once again been found infected with a piece of crypto-mining malware that not only steals the res...

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites
December 19, 2017Swati Khandelwal
Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors. ...

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack
June 30, 2017Wang Wei
A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, whic...

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!
February 01, 2017Swati Khandelwal
Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerabil...

WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain

WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain
April 08, 2016Swati Khandelwal
Do you own a custom domain or a blog under the wordpress.com domain name? If yes, then there is good news for you. WordPress is ...

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs

WordPress Security: Brute Force Amplification Attack Targeting Thousand of Blogs
October 09, 2015Swati Khandelwal
Most of the times, we have reported about WordPress vulnerabilities involving vulnerable plugins, but this time security researchers ha...

Thousands of Hacked WordPress Sites Abused to Infect Millions of Visitors

Thousands of Hacked WordPress Sites Abused to Infect Millions of Visitors
September 18, 2015Khyati Jain
A Large number of WordPress websites were compromised in last two weeks with a new malware campaign spotted in the wild. WordPress ...

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability
July 23, 2015Swati Khandelwal
WordPress has just released the new version of its content management system (CMS), WordPress version 4.2.3 , to fix a critical security...

Own a WordPress Website? ISIS is After You — FBI warns

Own a WordPress Website? ISIS is After You — FBI warns
April 09, 2015Swati Khandelwal
If you run a self-hosted WordPress website, then you must Beware: "ISIS is after you." Yes, you heard right. The Unite...
Best Deals

Get Daily News Updates By Email

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.