Tag: wordpress
-
Malware hides in Steam comments to infect WordPress sites
First seen on scworld.com Jump to article: www.scworld.com/brief/malware-hides-in-steam-comments-to-infect-wordpress-sites
-
Critical Kirki flaw exploited to hijack WordPress admin accounts
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/
-
Critical Kirki flaw exploited to hijack WordPress admin accounts
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/
-
New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions
GoDaddy researchers found WordPress malware using Steam Community profile comments to hide encoded command and control data, with nearly 1,980 sites affected. First seen on hackread.com Jump to article: hackread.com/wordpress-malware-steam-profile-comments-instructions/
-
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is…
-
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is…
-
WordPress malware campaign hides payloads in Steam profiles
Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wordpress-malware-campaign-hides-payloads-in-steam-profiles/
-
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password
CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps and OpenStreetMap with markers, listings, and location search. It’s a store locator tool. Unremarkable. The plugin is installed on over 15,000 websites, according to sale…
-
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites.WP Maps Pro allows site owners to embed customizable Google Maps and OpenStreetMap with markers, listings, and advanced location features…
-
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wp-maps-pro-bug-exploited-to-create-admin-accounts-on-wordpress-sites/
-
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wp-maps-pro-bug-exploited-to-create-admin-accounts-on-wordpress-sites/
-
$20 per zero-day is already the WordPress plugin reality
Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipeline built in three … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/22/ai-wordpress-plugin-vulnerabilities/
-
1 Million WordPress Websites Exposed by Avada Builder Security Vulnerabilities
A widely used WordPress plugin powering over one million websites has been found vulnerable to two serious security flaws that could expose sensitive data and server files. Security researchers warn that the issues in the Avada Builder plugin could allow both authenticated and unauthenticated attackers to compromise affected sites. The vulnerabilities, discovered by researcher Rafie…
-
1 Million WordPress Websites Exposed by Avada Builder Security Vulnerabilities
A widely used WordPress plugin powering over one million websites has been found vulnerable to two serious security flaws that could expose sensitive data and server files. Security researchers warn that the issues in the Avada Builder plugin could allow both authenticated and unauthenticated attackers to compromise affected sites. The vulnerabilities, discovered by researcher Rafie…
-
Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores
Attackers are exploiting a critical flaw in the WordPress Funnel Builder plugin to inject skimming code into WooCommerce checkout pages. A critical vulnerability in the WordPress Funnel Builder plugin is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages, according to Sansec researchers. Funnel Builder by FunnelKit is a checkout and upsell plugin…
-
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. Details of the activity were published by Sansec this week. The vulnerability currently does not have an official CVE identifier.…
-
Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/
-
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/avada-builder-wordpress-plugin-flaws-allow-site-credential-theft/
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Hackers abuse Google ads for GoDaddy ManageWP login phishing
A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy’s platform for managing fleets of WordPress websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-google-ads-for-godaddy-managewp-login-phishing/
-
Beliebtes WordPress-Plugin versteckte jahrelang eine Hintertür
Das WordPress-Plugin Quick Page/Post Redirect mit 70.000 Installationen enthielt über fünf Jahre eine geheime Backdoor für SEO-Spam. Experten warnen vor unkontrollierten Code-Injektionen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/wordpress-plugin-hintertuer
-
Beliebtes WordPress-Plugin versteckte jahrelang eine Hintertür
Das WordPress-Plugin Quick Page/Post Redirect mit 70.000 Installationen enthielt über fünf Jahre eine geheime Backdoor für SEO-Spam. Experten warnen vor unkontrollierten Code-Injektionen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/wordpress-plugin-hintertuer
-
Beliebtes WordPress-Plugin versteckte jahrelang eine Hintertür
Das WordPress-Plugin Quick Page/Post Redirect mit 70.000 Installationen enthielt über fünf Jahre eine geheime Backdoor für SEO-Spam. Experten warnen vor unkontrollierten Code-Injektionen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/wordpress-plugin-hintertuer
-
Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery
A long-dormant backdoor has been uncovered in the >>Quick Page/Post Redirect Plugin,<< a popular WordPress add-on with over 70,000 active installations. The tampered plugin, specifically version 5.2.3, contained two distinct malicious features. First, it featured a passive content injection mechanism. On every page viewed by a logged-out user, the plugin connected to a third-party server…
-
Popular WordPress redirect plugin hid dormant backdoor for years
The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that allows injecting arbitrary code into users’ sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-wordpress-redirect-plugin-hid-dormant-backdoor-for-years/
-
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS score of 9.8), in the Breeze Cache WordPress plugin, allowing them to upload files to a server without authentication. The vulnerability has already been used in…
-
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/