Infosecurity-magazine.com

LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

A vulnerability in the LiteSpeed Cache plugin for WordPress, which has over 6 million active installations, has been discovered allowing unauthenticated visitors to gain administrator-level access by ...
Bleeping Computer

Vulnerability in AMP for WP Plugin Allowed Admin Access to WordPress

A vulnerability for the very popular AMP for WP WordPress plugin with a 100 thousand active installations allows any registered user to escalate their privileges to gain administrative access to the ...
TechRadar

This WordPress plugin grants hackers 'ultimate' admin access to your site

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Thousands of WordPress sites could be at risk as a vulnerability in the Ultimate Member plugin ...
TechRadar

WordPress plugins hacked for fake admin accounts

Popular web hosting site WordPress has come under attack from hackers exploiting a flaw that allows them to create rogue admin accounts. Researchers at security firm Wordfence discovered that known ...
Bleeping Computer

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

A zero-day vulnerability in the ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially ...
ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...
ZDNet

Hackers exploit zero-day in WordPress plugin to create rogue admin accounts

Hackers are exploiting a zero-day vulnerability in a WordPress plugin made by ThemeREX, a company that sells commercial WordPress themes. The attacks, detected by Wordfence, a company that provides a ...