An advisory was issued for a critical vulnerability rated 9.8/10 in the CleanTalk Antispam WordPress plugin, installed in over 200,000 websites. The vulnerability enables unauthenticated attackers to ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...

A vulnerability advisory was issued for a WordPress Contact Form 7 add-on plugin that enables unauthenticated attackers to “easily” launch a remote code execution. The vulnerability is rated high (8.8 ...

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is ...

Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. Malicious hackers have been caught hiding their WordPress malware in ...

Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. "Creating four backdoors facilitates the attackers having multiple ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Writer, the full-stack generative AI ...