In his report on bleepingcomputer.com, Bill Toulas stated that a serious vulnerability was found in the W3 Total Cache plugin installed on more than one million WordPress sites. This resulted in granting access to various information, including metadata on cloud-based applications, to attackers. The W3 Total Cache plugin uses several caching techniques to optimize website...Read More

A new dangerous malware identified as a WordPress plugin named PhishWP. This malware has been used by cyber attackers to create fake payment pages that mimic legitimate services like Stripe, enabling the theft of sensitive financial and personal data. According to researchers from SlashNext circulating on a Russian cybercrime forum, PhishWP allows attackers to create...Read More

Reported by Wordfence, its security team discovered a critical authentication bypass vulnerability in the Really Simple Security plugin (formerly known as Really Simple SSL), which includes both free and paid (pro) versions, and has been used on over 4 million websites. This plugin is designed to enhance security on the WordPress platform with features such...Read More