Security news aggregator

Latest coverage for Wordpress

WordPress is a content management platform whose core, plugins, and themes can contain vulnerabilities that expose websites, accounts, and data.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

WordPress is an open-source content management system (CMS) used to publish and manage websites. A site typically combines WordPress core with independently developed plugins and themes, which extend functionality but create a diverse and changing software supply chain. Its security therefore depends not only on the core software, but also on the quality, maintenance, and configuration of those extensions.

Security-relevant issues include exploitable vulnerabilities in core, plugins, or themes; weak or reused administrator credentials; and exposed or poorly configured administrative and API interfaces. Attackers may use these paths to alter content, install malicious code, or access site data. Administrators should track advisories and affected versions, apply updates through a controlled process, remove unsupported extensions, enforce strong authentication and least privilege, and keep protected, tested backups. Monitoring and log review help identify unauthorized changes and support recovery when compromise is suspected.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

PLUS: Google re-patches Quick Share flaws; Critical Cisco flaw exploited; WordPress plugin trouble; and more Infosec in Brief How did journalist Jeffrey Goldberg’s phone number end up in a Signal group chat? According to The Guardian, US national security adviser Mike Waltz accidentally saved it into the contact file of a campaign staffer who later took a job at the US National Security Council official.…

PLUS: Russian bug-buyers seeks Telegram flaws; Another WordPress security mess; NIST backlog grows; and more! Infosec In Brief Organized crime networks are now reliant on digital tech for most of their activities according to Europol, the European agency that fights international crime on the continent and beyond.…

Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more in brief A critical security update for the near-ubiquitous WordPress plugin Jetpack was released last week. Site administrators should ensure the latest version is installed to keep their sites secure. …