SecurityWeek

Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

Many websites exposed to account takeover due to a critical vulnerability in the email delivery WordPress plugin Post SMTP.

Startup Brambles.ai Takes On OpenAI and Anthropic With WordPress AI Commerce Plugin That Empowers Publishers

Unlike traditional AI platforms that centralize profits and data, Brambles.ai flips the model -- empowering publishers to earn directly through AI-driven product discovery. The pl ...
SecurityWeek

Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Three critical-severity vulnerabilities in the GutenKit and Hunk Companion WordPress plugins have been exploited in a new campaign.

WordPress Anti-Malware Plugin Flaw Exposes 100K Sites To An Alarming Security Threat

A new threat in is the wild affecting sites that run WordPress, a popular content management system. Wordfence, a company that focuses on security research in the WordPress ecosystem, is reporting ...

Hackers exploit critical auth bypass flaw in JobMonster WordPress theme

Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator ...
Infosecurity Magazine

Critical WordPress Plugin Bugs Exploited En Masse

Threat actors are attempting to exploit three critical CVEs from 2024 impacting two popular WordPress plugins, according to Wordfence. The security vendor claimed that the bugs affect the GutenKit and ...
TechRadar

A popular WordPress theme has a worrying security flaw which could allow full site takeover - here's what we know

CVE-2025-5947 allows unauthenticated admin access in Service Finder WordPress theme versions ≤ 6.0 Over 13,800 exploit attempts observed since August; attackers actively target vulnerable sites ...

Another major WordPress add-on security flaw could affect 10,000 sites - find out if you're affected

King Addons for Elementor, a commercial WordPress plugin that extends the Elementor page builder with extra website builder ...