Plugin

3 minute read

Security

SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites

SQL injection flaw in Ally WordPress plugin exposes 200,000+ sites to data theft. Patch released, but most installations remain unpatched and vulnerable.

byWaqas

March 13, 2026

2 minute read

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection.

byDeeba Ahmed

June 25, 2025

2 minute read

Sneaky WordPress Malware Disguised as Anti-Malware Plugin

WordPress sites are under threat from a deceptive anti-malware plugin. Learn how this malware grants backdoor access, hides…

byDeeba Ahmed

April 30, 2025

3 minute read

New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages

SlashNext has discovered a malicious WordPress plugin, PhishWP, which creates convincing fake payment pages to steal your credit card information, 3DS codes, and personal data.

byWaqas

January 6, 2025

Popular WordPress Plugins Leave Millions Open to Backdoor Attacks

3 minute read

Security

Popular WordPress Plugins Leave Millions Open to Backdoor Attacks

Fastly researchers discover unauthenticated stored XSS attacks plaguing WordPress Plugins including WP Meta SEO, and the popular WP…

byDeeba Ahmed

June 3, 2024

Critical XSS Vulnerability in LiteSpeed Cache Plugin Affects Over 1.8M WordPress Sites

2 minute read

Security

LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites

Is your WordPress site using LiteSpeed Cache? A recent surge in malicious JavaScript injections targets vulnerable versions. Learn how to identify the signs of infection and prevent future attacks. Patch, scan, and secure your WordPress site today!

byDeeba Ahmed

May 8, 2024

3 minute read

ChatGPT Plugins Exposed to Critical Vulnerabilities, Risked User Data

Critical security flaws found in ChatGPT plugins expose users to data breaches. Attackers could steal login details and…

byDeeba Ahmed

March 13, 2024

1 minute read

Gaming

PokeGone Chrome Plugin Erase Pokémon Go From Your Internet Life

A CHROME EXTENSION THAT CAN VIRTUALLY MAKE Pokémon Go DISAPPEAR (FROM THE WEB OF COURSE). While grown up…

byCarolina

July 18, 2016

2 minute read

Security

WordPress Google Analytics Plugin by Yoast Vulnerable to critical site-hijacking

Yet another vulnerability has been found in the Yoast WordPress plugin that can be exploited by attackers allowing…

byWaqas

March 21, 2015

The Latest

Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach

Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance

New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs

CISO Whisperer Names 11 Vendors Leading the Shift from Tools to Outcomes at RSA Conference 2026

Plugin

SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Sneaky WordPress Malware Disguised as Anti-Malware Plugin

New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages

Popular WordPress Plugins Leave Millions Open to Backdoor Attacks

LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites

ChatGPT Plugins Exposed to Critical Vulnerabilities, Risked User Data

PokeGone Chrome Plugin Erase Pokémon Go From Your Internet Life

WordPress Google Analytics Plugin by Yoast Vulnerable to critical site-hijacking

SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft

Orchid Security Recognized by Gartner® as a Representative Vendor of Guardian Agents

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

Kevuru Games Outlines the Shift Toward Flexible Art Production in the Games Industry

AI-HealthTech Innovator Humata Health Partners with AccuKnox for Zero Trust CNAPP