TechRadar

WordPress plugins hacked for fake admin accounts

Popular web hosting site WordPress has come under attack from hackers exploiting a flaw that allows them to create rogue admin accounts. Researchers at security firm Wordfence discovered that known ...
Bleeping Computer

WordPress plugin bug lets hackers create rogue admin accounts

WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites and creating rogue admin ...
Bleeping Computer

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...
Infosecurity-magazine.com

LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

A vulnerability in the LiteSpeed Cache plugin for WordPress, which has over 6 million active installations, has been discovered allowing unauthenticated visitors to gain administrator-level access by ...
TechRadar

This WordPress plugin grants hackers 'ultimate' admin access to your site

Thousands of WordPress sites could be at risk as a vulnerability in the Ultimate Member plugin gets exploited, but a quick fix will stop your site from being taken over. The plugin, which has amassed ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...