Ultimate Member WordPress Plugin Vulnerability Affects Up To 200k Sites

A vulnerability in the popular Ultimate Member WordPress plugin enables account takeover by exposing password reset links.
Computerworld

WordPress Security Alert: Revolution Slider

A major security flaw has been discovered in the most popular Wordpress slider plugin out there, Slider Revolution (aka Revolution Slider). It’s imperative that sites using the plugin update to the ...

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
The Tech Edvocate

How to identify problematic WordPress plugin

The Backbone of Your Site Plugins are the lifeblood of WordPress, enabling users to customize their websites with functionality that ranges from SEO tools to social media integrations. With over ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
SecurityWeek

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...
TechRadar

Fake WordPress security alerts are being used to send malware

If you are a WordPress site admin, be wary of incoming emails - one could be a phishing message looking to infect your site with malicious plugins. This is the warning given out by WordPress security ...