SecurityWeek

Critical King Addons Vulnerability Exploited to Hack WordPress Sites

Threat actors have been exploiting a critical King Addons for Elementor vulnerability to hack WordPress websites.

Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.
Infosecurity Magazine

Motors WordPress Vulnerability Exposes Sites to Takeover

A critical flaw in the Motors WordPress theme affecting more than 20,000 installations allows low-privileged users to gain ...
Bleeping Computer

Forminator plugin flaw exposes WordPress sites to takeover attacks

The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks. The security issue is tracked as CVE-2025-6463 and ...
Ars Technica

Automattic’s “nuclear war” over WordPress access sparks potential class action

The company behind WordPress, Automattic Inc., and its founder, Matt Mullenweg, continue to face backlash over a “nuclear war” started with WP Engine (WPE) that allegedly messed with maintenance and ...
Bleeping Computer

W3 Total Cache WordPress plugin vulnerable to PHP command injection

A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload. The vulnerability, tracked as ...
Hosted on MSN

WordPress vs Squarespace: Which CMS is better in 2025?

WordPress is the world's most popular CMS platform. It powers over 60% of websites globally. But with WordPress.com, you also get managed hosting and maintenance. Squarespace is an all-in-one website ...