Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...
Searchenginejournal.com

WordPress Metform Elementor Contact Form Builder Plugin Vulnerability

The U.S. government National Vulnerability Database (NVD) issued an advisory about a vulnerability affecting Metform Elementor Contact Form Builder WordPress plugin that could leak sensitive ...
Threat Post

Easy WP SMTP Security Bug Can Reveal Admin Credentials

A poorly configured file opens users up to site takeover. Easy WP SMTP, a WordPress plugin for email management that has more than 500,000 installations, has a vulnerability that could open the site ...