InfoQ

MySQL AI Introduced for Enterprise Edition

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Kenneth Harris, a NASA veteran who worked on ...
Searchenginejournal.com

WordPress Contact Form 7 Redirection Plugin Vulnerability Hits 300k Sites

A vulnerability advisory was issued for a WordPress Contact Form 7 add-on plugin that enables unauthenticated attackers to “easily” launch a remote code execution. The vulnerability is rated high (8.8 ...
Searchenginejournal.com

WordPress Contact Form Entries Plugin Vulnerability Affects 70K Websites

A vulnerability advisory was issued for a WordPress plugin that saves contact form submissions. The flaw enables unauthenticated attackers to delete files, launch a denial of service attack, or ...
Infosecurity-magazine.com

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws discovered in the HT Contact Form Widget for Elementor Page Builder & Gutenberg ...
SecurityWeek

Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations

The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched. A vulnerability in a popular email delivery WordPress plugin is ...
The Hacker News

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the "mu-plugins" directory in WordPress sites to grant threat actors persistent access and allow them to perform ...
Bleeping Computer

WordPress Gravity Forms developer hacked to push backdoored plugins

The popular WordPress plugin Gravity Forms has been compromised in what seems a supply-chain attack where manual installers from the official website were infected with a backdoor. Gravity Forms is a ...
Bleeping Computer

Forminator plugin flaw exposes WordPress sites to takeover attacks

The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks. The security issue is tracked as CVE-2025-6463 and ...
SecurityWeek

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover

A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites. A vulnerability in the Forminator WordPress plugin could allow attackers ...
GitHub

The WordPress Automatic Plugin plugin for WordPress is...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Infosecurity-magazine.com

PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites

A critical vulnerability in the PayU CommercePro plugin has put thousands of WordPress sites at risk by allowing unauthenticated attackers to hijack user accounts, according to PatchStack. The flaw, ...