Attackers have found a way to escalate the benign WordPress REST API flaw and use it to gain full access to a victim's server by installing a hidden backdoor. On January 26, the WordPress team ...

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. The recently patched WordPress REST API Endpoint vulnerability is ...

Why? Because it will take WordPress into new directions entirely. WordPress has unveiled its latest iteration, version 4.4. It's called Clifford, after the jazz trumpeter Clifford Brown, and comes ...

Attacks on WordPress sites using a vulnerability in the REST API, patched in WordPress version 4.7.2, have intensified over the past two days, as attackers have now defaced over 1.5 million pages, ...

Today it was disclosed that the popular WordPress contact form called Ninja Forms patched two vulnerabilities, affecting over 1 million WordPress installations. This represents another in a growing ...

Thousands of WordPress domains have been subject to attack through a severe content injection security flaw that many website operators have failed to protect themselves against. The security flaw, a ...

Matt Mullenweg, WordPress creator. (Photo: Eric Piermont/AFP/Getty Images) Nearly 20 percent of all sites on the Internet are powered by Wordpress (including this one), the open-source content ...

WordPress announced a security and maintenance release, version 5.8.1. It is important to update WordPress, especially versions 5.4 to 5.8 in order fix three security issues. WordPress 5.8.1 Security ...

Hackers are exploiting a zero-day vulnerability in a WordPress plugin made by ThemeREX, a company that sells commercial WordPress themes. The attacks, detected by Wordfence, a company that provides a ...