SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for…
WordPress membership plugin bug exploited to create admin accounts
Hackers are exploiting a critical vulnerability in the User Registration & Membership…
ACF plugin bug gives hackers admin on 50,000 WordPress sites
A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin…
Hackers exploit Modular DS WordPress plugin flaw for admin access
Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress…
RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
The ImunifyAV malware scanner for Linux servers, used by tens of millions…
WordPress security plugin exposes private data to site subscribers
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over…
Hackers launch mass attacks exploiting outdated WordPress plugins
A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk…
Hackers exploiting critical “SessionReaper” flaw in Adobe Magento
Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce…
American Archive of Public Broadcasting fixes bug exposing restricted media
A vulnerability in the American Archive of Public Broadcasting's website allowed downloading of…