WordPress plugin patches flaw that gave hackers potential access to 40,000 websites
The plugin Simple Social Buttons allows Wordpress users to distribute content on social media platforms. The flaw was discovered by a security developer at WebARX.
Former WPML employee hacks plugin website to spam customers
The makers of the WPML plugin said they're taking legal action against the attacker.
Flaw in WordPress plugin allowed unauthorized admin access, backdoors
The flaw has been patched in the privacy-focused plugin WP GDPR Compliance, which has more than 100,000 downloads.
Government websites, including uscourts.gov, pulled into cryptomining scheme
A third-party plugin co-opted sites, including ones belonging to the U.S. federal courts and D.C.'s public transit system, to mine Monero.