Seraphinite Accelerator WordPress Plugin Vulnerabilities Affect 60K Sites

A security advisory was issued for two vulnerabilities affecting the Seraphinite Accelerator WordPress plugin.

Page Builder by SiteOrigin WordPress Vulnerability Affects Up To 500k Sites

Page Builder by SiteOrigin WordPress plugin vulnerability enables attackers to execute arbitrary server files.
PC World

Recent WordPress vulnerability used to deface 1.5 million pages

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven’t yet applied a recent patch for a critical vulnerability. The vulnerability, located in the platform’s REST API, ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Digital Journal

Warning over new WordPress transactions vulnerability

A WordPress plug-in could potentially allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. This poses a potential risk to those who use WordPress for e-commerce. Dr.
heise online

WordPress plugins with critical vulnerabilities, some already under attack

Security vulnerabilities with critical risk ratings are present in widespread WordPress plugins. One is already being attacked. Patchstack discusses the details in their advisory. Since last Friday, ...