The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.
techtimes

WordPress Plugins Hit by Supply Chain Cyberattack, Compromising Thousands of Websites

Several WordPress plugins have reportedly been backdoored in a cyberattack that gave hackers full access and other malicious functions to any website utilizing these plugins. According to researchers ...
Threat Post

AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover

A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users. The WordPress content management system (CMS) is offering admins more headaches this week, ...