With its latest update, WordPress patched a vulnerability that could enable malicious plugin and theme developers to execute SQL injection attacks.
New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.
To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.
Cybercriminals have been stealing cookies and using a fraudulent WordPress API to impersonate users and take control of victims' browsing sessions.
Sucuri recently discovered a new WordPress hack that redirects users to malicious domains. Luckily, there are relatively easy ways to discover infections.
Cybercriminals exploited a WordPress vulnerability to breach LoanBase, a bitcoin lending site, and they may have gained access to user info.
WordPress sites are being affected by a Teslacrypt ransomware attack, which could leave users with out-of-date plugins or browsers exposed.
Several vulnerabilities have recently been discovered — and patched — in CMS software WordPress and Drupal. What should users know about the risks?
A new XSS vulnerability set for WordPress raises sersious security questions, but it's not the only set of flaws to come to light recently.
WordPress update 4.2.3 crossed out a critical XSS vulnerability — the latest in a long line of flaws that put websites running the CMS at risk.