More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.

The WordPress security team has taken a rare step last week and used a lesser-known internal capability to forcibly push a security update for a popular plugin. While robust passwords help you secure ...

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...

Patchstack, a leader in WordPress security and threat intelligence, has released a whitepaper to present the state of WordPress security in 2021, and the report paints a dire picture. More ...

It's an interesting paradox. WordPress powers 35 percent of all websites on the Internet, in part because it's so flexible and modular. It has a robust library of more than 50,000 plugins, each adding ...

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...

WordPress announced a proposal to take a more proactive approach toward third party plugins in order to improve security and site performance. What is being discussed is a plugin checker that will ...

A malicious actor found a struggling WordPress plugin company, bought it, and introduced malware to each product.