Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Threat Post

Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups

An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders. The WordPress plug-in “UpdraftPlus” was patched on Wednesday to correct a vulnerability that left ...
Bleeping Computer

WordPress force installs UpdraftPlus patch on 3 million sites

WordPress has taken the rare step of force-updating the UpdraftPlus plugin on all sites to fix a high-severity vulnerability allowing website subscribers to download the latest database backups, which ...

UpdraftPlus Vulnerability Exposes 3 Million WordPress Sites

Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...