ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
ZDNet

WordPress plugin vulnerability can be exploited for total website takeover

A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...
Bleeping Computer

Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites

A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. It impacts only premium ...
Searchenginejournal.com

WordPress Easy WP SMTP Plugin Vulnerability

Popular WordPress plugin Easy WP SMTP plugin, with over 500,000 active installations, just patched a vulnerability that allows an attacker to take control of a site. The flaw in the WordPress plugin ...
Bleeping Computer

Over 150k WordPress sites at takeover risk via vulnerable plugin

Two vulnerabilities impacting the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites, could help attackers take complete control of a site authentication. Last month, ...
TechRadar

This WordPress vulnerability could let hackers hijack your entire site

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. A WordPress plugin has been discovered to contain “easily exploitable” security issues that could ...
IT World Canada

The endless story of WordPress plugins security issues

There are numerous benefits of leveraging the WordPress content management system (CMS) to create a website. It’s open-source, flexible, and amazingly easy to set up. The key advantage is that the ...