Hosted on MSN

Vulnerability that allows full admin takeover found in premium WordPress theme

'Motors' allowed threat actors to take over admin accounts This enabled full website takeover The developers released a fix Motors, a premium theme for WordPress, was carrying a critical-severity ...
ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...

Hackers exploit critical auth bypass flaw in JobMonster WordPress theme

Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator ...
Searchenginejournal.com

ACF WordPress Plugin Vulnerability Affects Up To 2+ Million Sites

Advanced Custom Fields (ACF) WordPress plugin with over 2 million installations announced the release of a security update, version 6.2.5 that patches a vulnerability, the severity of which is not ...