ZDNet

WordPress to add auto-update feature for themes and plugins

The WordPress developer team is working on adding an auto-update mechanism to themes and plugins, a common source of website hacks, primarily because site owners usually install themes and plugins, ...
Infosecurity-magazine.com

Multiple Flaws Found in the Avada WordPress Theme and Plugin

Multiple vulnerabilities have been identified in the widely used Avada theme and its accompanying Avada Builder plugin. These security flaws, uncovered by Patchstack’s security researcher Rafie ...
TechRadar

WordPress users beware - these popular theme plugins have some major security issues

Patchstack found two bugs in a WordPress theme and a plugin from InspiryThemes The bugs were not addressed in three latest versions Users are advised to disable the products or limit new account ...
ZDNet

Hackers exploit zero-day in WordPress plugin to create rogue admin accounts

Hackers are exploiting a zero-day vulnerability in a WordPress plugin made by ThemeREX, a company that sells commercial WordPress themes. The attacks, detected by Wordfence, a company that provides a ...
Threat Post

Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin

Websites using a vulnerable version of the WordPress plugin, ThemeGrill Demo Importer, are being targeted by attackers. Researchers are urging users of a vulnerable WordPress plugin, ThemeGrill Demo ...
Bleeping Computer

Critical flaws in WordPress Houzez theme exploited to hijack websites

Hackers are actively exploiting two critical-severity vulnerabilities in the Houzez theme and plugin for WordPress, two premium add-ons used primarily in real estate websites. The Houzez theme is a ...