Nearly a million WordPress websites could be at risk from this serious plugin security flaw

WPvivid Backup & Migration plugin allows for arbitrary file upload which can lead to remote code execution.
TechRadar

Millions at risk as popular WordPress database plugin is targeted by hackers — here's what WordPress site owners need to know

A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed hackers to attack websites, steal sensitive data, and even force them offline. The vulnerability, ...
ZDNet

WordPress plugin vulnerability can be exploited for total website takeover

A WordPress plugin has been found to contain "easily exploitable" security issues that can be exploited to completely take over vulnerable websites. The plugin at the heart of the matter, WP Database ...
TechJuice

Code Red for WordPress: Why Security Experts Are Calling This the “Worst Bug of 2026”

Over 40,000 WordPress sites are affected by a new malware flaw. Site owners must update plugins, scan for infections, and ...

More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...
Infosecurity Magazine

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.
Threat Post

WPScan Vulnerability Database a New WordPress Security Resource

Researcher Ryan Dewhurst released the WPScan Vulnerability Database, a database housing security vulnerabilities in WordPress core code, plug-ins and themes. It’s available for pen-testers, WordPress ...