Searchenginejournal.com

WordPress Just Locked Down Security For All Plugins & Themes

WordPress announced a major clampdown to protect its theme and plugin ecosystem from password insecurity. These improvements follow a flurry of attacks in June that compromised multiple plugins at the ...
Bleeping Computer

Over 90 WordPress themes, plugins backdoored in supply chain attack

A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites. In total, threat actors compromised 40 themes and 53 ...
Searchenginejournal.com

Divi WordPress Theme Vulnerability

WordFence researchers discovered a vulnerability in Elegant Themes Divi and Extra themes and the Divi Builder plugin. The vulnerability allows an attacker to completely take over a site. The Divi ...
TechRadar

WordPress users beware - these popular theme plugins have some major security issues

Patchstack found two bugs in a WordPress theme and a plugin from InspiryThemes The bugs were not addressed in three latest versions Users are advised to disable the products or limit new account ...
Bleeping Computer

Premium WordPress 'Motors' theme vulnerable to admin takeover attacks

A critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers to hijack administrator accounts and take complete ...
TechRadar

Vulnerability that allows full admin takeover found in premium WordPress theme

'Motors' allowed threat actors to take over admin accounts This enabled full website takeover The developers released a fix Motors, a premium theme for WordPress, was carrying a critical-severity ...
ZDNet

WordPress to add auto-update feature for themes and plugins

The WordPress developer team is working on adding an auto-update mechanism to themes and plugins, a common source of website hacks, primarily because site owners usually install themes and plugins, ...