Bleeping Computer

WordPress REST API Flaw Used to Install Backdoors

Attackers have found a way to escalate the benign WordPress REST API flaw and use it to gain full access to a victim's server by installing a hidden backdoor. On January 26, the WordPress team ...
Threat Post

WordPress REST API Bug Could Be Used in Stored XSS Attacks

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. The recently patched WordPress REST API Endpoint vulnerability is ...
SecurityWeek

Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Three critical-severity vulnerabilities in the GutenKit and Hunk Companion WordPress plugins have been exploited in a new campaign.
Searchenginejournal.com

WordPress Plugin OptinMonster Vulnerability Affects +1 Million Sites

WordPress security researchers at Wordfence reported that a flaw in the OptinMonster WordPress plugin was found to allow hackers to upload malicious scripts to attack site visitors and lead to full ...
SiliconANGLE

Automattic builds on PHP to create a RESTful, open source backend WordPress interface

Automattic, Inc., the company behind the ever-popular WordPress content management system, have announced a major refresh of its hosted blogging platform WordPress.com along with a number of extras ...