New WordPress Initiative Will Secure Plugins And Themes

WordPress announced the Protect The Shire initiative to make all plugins and themes in its repositories and directories ...
ZDNet

WordPress plugin vulnerabilities affect 20 million downloads

A new vulnerability in WordPress plugin WPTouch highlights a series of recent discoveries that critically affect active plugins downloaded and used by millions of WordPress bloggers. If you're a ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...
Bleeping Computer

Fake WordPress security advisory pushes backdoor plugin

WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin. The campaign has been ...