Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Forbes

10 Best WordPress Plugins You Should Have In 2026

Editorial Note: Forbes Advisor may earn a commission on sales made from partner links on this page, but that doesn't affect our editors' opinions or evaluations. In 2024, WordPress is one of the most ...

WordPress X Account’s ‘Childish’ Trolling Causes Backlash

An official WordPress.org social media account was used to troll the open source movement to decentralize the WordPress ...
Threat Post

Easy WP SMTP Security Bug Can Reveal Admin Credentials

A poorly configured file opens users up to site takeover. Easy WP SMTP, a WordPress plugin for email management that has more than 500,000 installations, has a vulnerability that could open the site ...
TechRadar

Multiple WordPress plugins are being hacked to attack websites across the world

Thousands of WordPress websites are at risk of being completely taken over by hackers, after the updating process of multiple plugins was compromised to deploy malicious code. Security researchers ...