Threat Post

Users Urged to Uninstall WordPress Yuzo Plugin After Flaw Exploited

Users of the popular Yuzo Related Posts plugin are being urged to uninstall the plugin after a flaw was discovered being exploited in the wild – putting tens of thousands of websites at risk. Yuzo ...
Threat Post

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Two high-severity vulnerabilities in Post Grid, a WordPress plugin ...
TechRadar

Top WordPress plugin accused of adding backdoor that could unpublish all your posts

In an attempt to protect its intellectual property from piracy, a WordPress plugin developer implemented a rather controversial solution to one of its products. As a result, the community is up in ...
Infosecurity-magazine.com

Vulnerability Exposed in WordPress Plugin User Submitted Posts

A new vulnerability in the User Submitted Posts WordPress plugin (versions 20230902 and below) has been discovered by the Patchstack team. With over 20,000 active installations, this popular plugin is ...
Searchenginejournal.com

WordPress Popular Posts Plugin Vulnerability Affects 100k+ Sites

An advisory has been issued about a high-severity WordPress vulnerability that makes it possible for attackers to inject arbitrary shortcodes into sites using the WordPress Popular Posts plugin.