Threat Post

Advertising Plugin for WordPress Threatens Full Site Takeovers

Thousands of vulnerable websites need to apply the patch to avoid RCE. The Adning Advertising plugin for WordPress, a premium plugin with over 8,000 customers, contains a critical remote ...
Searchenginejournal.com

Critical Vulnerability Strikes WordPress Ad Inserter

Ad Inserter, a popular Ad management WordPress Plugin was discovered to contain a critical vulnerability. The vulnerability allows an authenticated user as low as a subscriber to execute code on the ...

WordPress plugins used across thousands of websites found with malicious backdoors - Is your site at risk?

Dozens of WordPress plugins were taken offline after a suspected supply-chain attack involving a malicious backdoor added ...
Threat Post

Critical Security Flaw in WordPress Plugin Allows RCE

WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch. Researchers are warning of a critical vulnerability in a WordPress plugin called Comments – wpDiscuz, ...
Bleeping Computer

WordPress ad-fraud plugins generated 1.4 billion ad requests per day

A large-scale ad fraud operation called 'Scallywag' is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests.

Attention content creators: your WordPress plugin of choice may have been compromised

Don't blog without the proper protections in place, folks.