Bleeping Computer

WordPress REST API Flaw Used to Install Backdoors

Attackers have found a way to escalate the benign WordPress REST API flaw and use it to gain full access to a victim's server by installing a hidden backdoor. On January 26, the WordPress team ...
Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...
Security Boulevard

WordPress Vulnerability Scanner Reveals How Exposed Your Website Really Is

WordPress powers about 43% of all websites worldwide. This makes it an indispensable platform for organizations of all sizes. Unfortunately, that popularity also makes WordPress a prime target for ...
Searchenginejournal.com

Why WordPress 6.9 Abilities API Is Consequential And Far-Reaching

WordPress 6.9, scheduled for release on December 2, 2025, is shipping with a new Abilities API that introduces a new system designed to make advanced AI-driven functionality possible for themes and ...
Searchenginejournal.com

Builderius Brings AI-Assisted GraphQL Development To WordPress

Builderius WordPress website builder announced the ability to develop sites using GraphQL together with AI. The new functionality enables developers to use the power of GraphQL with the assistance of ...
Infosecurity-magazine.com

XSS Vulnerabilities Found in WordPress Plugin Slider Revolution

A recent security audit of the Slider Revolution plugin has uncovered two significant vulnerabilities that could compromise the security of WordPress websites. Slider Revolution, a widely used premium ...