A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...

WP Engine, a global web enablement company providing premium products and solutions for websites built on WordPress® 1, today ...

The comments on some Steam Profiles are actually loaded with invisible malware.

Hundreds of thousands of websites are potentially exposed to attacks exploiting two vulnerabilities in the Kirki and Burst Statistics WordPress plugins, Defiant warns. Kirki provides website and ...

A new malware campaign has compromised nearly 2,000 WordPress websites by using Steam Community profile comments to hide ...

A vulnerability in the WP Maps Pro WordPress plugin has been exploited to create admin accounts and take over vulnerable sites.

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...

HTTP Archive’s latest Core Web Vitals Technology Report ranks seven content management platforms and offers the surprising insight that page weight and PageSpeed Insights Lighthouse scores do not ...

WordPress 7.0 “Armstrong,” released May 20, 2026, arrived without the real-time collaborative editing feature that had been ...

AI may dominate the attention around WordPress 7.0, but Armstrong also brings major changes to editing, design, navigation, and publishing.