Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
CSO Online

Modular DS bug hands hackers instant WordPress admin access

Security researchers confirmed in-the-wild exploitations of the mx-severity flaw, allowing unauthenticated actors gain full ...

ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...
Dark Reading

WordPress Hackers Exploit Username 'Admin'

Attention, WordPress users: If you have a WordPress username set to "admin," change it immediately. That warning was issued Friday by WordPress founder Matt Mullenweg, in the wake of reports that ...

Hackers exploit WordPress plugin security flaw exposing 40,000 websites to complete takeover risk - here's how to stay safe

In its write-up, Patchstack said the flaw is already being exploited in the wild, and that first attacks were detected on ...
ZDNet

Zero-day in WordPress SMTP plugin abused to reset admin account passwords

Hackers are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites. The zero-day was used in ...