WordPress
-
Security Flaw in Forminator Plugin Puts Over 600,000 WordPress Sites at Risk
The Forminator plugin for WordPress, used on over 600,000 sites, has a high-severity vulnerability (CVE-2025-6463) that could allow attackers to execute arbitrary file deletions, potentially leading to complete site takeovers. Users are urged to update to the latest version or disable the plugin immediately to avoid exploitation.
-
Advanced Malware Campaign Targets WordPress Sites, Poses Major Risks to Users
Cybersecurity experts reveal a sophisticated malware campaign targeting WordPress websites, capable of stealing sensitive information and evading detection. Discovered by the Wordfence team, the malware employs innovative tactics, including fake checkout forms and Cloudflare brand impersonation.
-
Critical Vulnerability in WordPress Motors Theme Exploited by Hackers
Hackers are exploiting a significant vulnerability in the WordPress “Motors” theme, allowing them to take control of administrator accounts and jeopardize website security. The flaw, known as CVE-2025-4322, was flagged by Wordfence which reports extensive attacks targeting user accounts.
-
Critical WordPress Plugin Vulnerability Exposes Over 100,000 Sites to Attack
A critical vulnerability in the TI WooCommerce Wishlist plugin for WordPress exposes over 100,000 websites to potential file upload attacks, prompting security experts to recommend immediate action.
