WooCommerce sent out an email to store owners to immediately update their store to the latest version to fix a security vulnerability.
Zero-day in WordPress SMTP plugin abused to reset admin account passwords
A Zero-day exploit patch has been released earlier this week but many WordPress sites remained unpatched —as usual.
Chrome 88 update improves dark mode, RIP Adobe Flash & FTP
Google has released Chrome 88 today to the Stable desktop channel, and it includes security improvements and the long-awaited removal of Adobe Flash Player.
Hackers exploiting Critical flaw affecting >350,000 WordPress sites
Critical flaw in File Manager, a plugin with more than 700,000 users; 52% are affected, that allows them to execute malicious scripts on Websites
WordPress plugin bugs can let hackers take over almost 1M sites
Two high severity vulnerabilities found in the Page Builder WordPress plugin installed on more than 1,000,000 sites can let hackers create new admin accounts, plant backdoors, and ultimately take over the compromised websites.
Millions of Sites Exposed by Flaw in Jetpack WordPress Plugin
Jetpack received another security update to address an issue found during an internal audit of the Contact Form block in December 2018, and a critical security update patching a vulnerability in the way some Jetpack shortcodes were processed in May 2016.