Hackers exploit WordPress plugin security flaw exposing 40,000 websites

Patchstack found critical Modular DS flaw (CVE-2026-23550) allowing admin bypass Vulnerability scored 10/10 and is already ...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.
TechRadar

Dangerous WordPress plugin puts over 160,000 sites at risk - here's what we know

Older versions of Post SMTP allowed hackers to read all emails They could also reset the admin password and read the notification email, gaining access to the account More than 160,000 WordPress sites ...
The Verge

WordPress.org’s latest move involves taking control of a WP Engine plugin

WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” resulting from WP Engine’s legal moves. WordPress co-founder Matt Mullenweg calls it “a rare and unusual situation” ...

WordPress X Account’s ‘Childish’ Trolling Causes Backlash

An official WordPress.org social media account was used to troll the open source movement to decentralize the WordPress ...