Bleeping Computer

Hunk Companion WordPress plugin exploited to install vulnerable plugins

Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing ...
Bleeping Computer

Hackers Find New Method of Installing Backdoored Plugins on WordPress Sites

Hackers have come up with a never-before-seen method of installing backdoored plugins on websites running the open-source WordPress CMS, and this new technique relies on using weakly protected ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

CleanTalk WordPress Plugin Vulnerability Threatens Up To 200K Sites

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.