Bleeping Computer

WordPress Plugin Bug Allows Malicious Code Injection on 100K Sites

Vulnerabilities in the Popup Builder WordPress plugin could allow unauthenticated attackers to inject malicious JavaScript code into popups displayed on tens of thousands of websites, to steal ...
Houston Chronicle

How to Install an AdWords Tracking Code Plugin for WordPress

Keeping tabs on how visitors use your company's website helps you to understand traffic and purchasing patterns, which can in turn help you optimize and monetize your content. Google's AdWords service ...
SecurityWeek

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

Hackers have been targeting a critical file upload flaw in an addon for the Ninja Forms WordPress plugin that leads to remote ...
Threat Post

Popular ThemeREX WordPress Plugin Opens Websites to RCE

The bug has been under active attack as a zero-day. A critical vulnerability in a WordPress plugin known as “ThemeREX Addons” could open the door for remote code execution in tens of thousands of ...
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Bleeping Computer

Critical Bug in WordPress Plugin Lets Hackers Execute Code

A critical security issue found in the Ad Inserter WordPress plugin currently installed on over 200,000 websites allows authenticated attackers to remotely execute PHP code. Ad Inserter is an "ad ...