Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.
Bleeping Computer

Security plugin flaw in millions of WordPress sites gives admin access

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...
Searchenginejournal.com

Top 15 Ways To Secure A WordPress Site

Hackers and malicious actors are relentless in their attempts to gain access to websites and their sensitive data. The result? We are currently seeing an unprecedented amount of cyber security attacks ...
Searchenginejournal.com

WordPress Security Plugin Exposes +1 Million Websites

The WPS Hide Login WordPress plugin recently patched a vulnerability that exposes users secret login page. The vulnerability allows a malicious hacker to defeat the purpose of the plugin (of hiding ...
Bleeping Computer

WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites

A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. Researchers at webscript security company c/side discovered ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...