Threat Post

WordPress File Management Plugin Riddled with Critical Bugs

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. A critical cross-site scripting (XSS) bug impacts WordPress sites running the Frontend File ...
Searchenginejournal.com

WordPress File Manager Plugin Vulnerability Affects +1 Million Websites

A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 ...

File read flaw in Smart Slider plugin impacts 500K WordPress sites

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.
ZDNet

WordPress File Manager plugin flaw causing website hijack exploited in the wild

The file in question was pulled by third-party dependency elFinder and used as a code reference. An extension added to the file, the rename of connector-minimal.php-dist to connector-minimal.php, was ...
Infosecurity-magazine.com

WordPress Plugin Flaw Exposes 600,000 Sites to File Deletion

A severe vulnerability in the widely used Forminator WordPress plugin has been disclosed, exposing websites to the risk of arbitrary file deletion and potential site takeover. The flaw, which affects ...

Around 500,000 WordPress websites could be at risk from crucial plugin security flaw

Hackers can read arbitrary files with this newly discovered flaw ...
Infosecurity Magazine

Critical Vulnerability in Ninja Forms Exposes WordPress Sites

A critical arbitrary file upload vulnerability in Ninja Forms – File Upload Plugin has been identified, exposing thousands of ...