SecurityWeek

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...
ZDNet

Disgruntled security firm discloses zero-days in Facebook's WordPress plugins

A US-based cyber-security firm has published details about two zero-days that impact two of Facebook's official WordPress plugins. The details also include proof-of-concept (PoC) code that allows ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...