Hosted on MSN

Over 30 WordPress plugins backdoored after ownership change

A major WordPress supply chain attack has compromised more than 30 plugins from the EssentialPlugin suite, affecting hundreds of thousands of sites. The plugins were sold in early 2025 to a buyer who ...
Bleeping Computer

Forminator plugin flaw exposes WordPress sites to takeover attacks

The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks. The security issue is tracked as CVE-2025-6463 and ...

Attention content creators: your WordPress plugin of choice may have been compromised

Don't blog without the proper protections in place, folks.