Searchenginejournal.com

WordPress Backup Plugin Vulnerability Affects 5+ Million Websites

A high-severity vulnerability was discovered and patched in the All-in-One WP Migration and Backup plugin, which has over five million installations. The vulnerability requires no user authentication, ...

Attention content creators: your WordPress plugin of choice may have been compromised

Don't blog without the proper protections in place, folks.

Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.
Search Engine Land

Microsoft releases IndexNow plugin for WordPress

Microsoft Bing has published a new WordPress plugin that makes it easy to integrate your WordPress blog and site with the IndexNow protocol. The plugin was released over the holidays and is available ...
CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.
Cybernews

WordPress plugins taken offline after a developer found 30 injected with malicious code

Dozens of WordPress plugins have been compromised by an unknown actor who planted backdoors in popular add-ons after buying ...

WordPress plugins used across thousands of websites found with malicious backdoors - Is your site at risk?

Dozens of WordPress plugins were taken offline after a suspected supply-chain attack involving a malicious backdoor added ...