Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data ...
Bleeping Computer

WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. Developed by WPEverest, the plugin provides ...
TechRadar

Hackers exploiting WordPress membership plugin bug to create admin accounts

Tens of thousands of WordPress websites are vulnerable to full site takeover, thanks to a critical-severity vulnerability just discovered in a popular plugin. Security researchers at Defiant reported ...

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.

Is WordPress Too Complex For Most Sites?

Yoast SEO co-founder provokes controversy with the idea that most sites don't need CMSs like WordPress anymore.

WordPress Releases Updated AI Experiments Plugin

The WordPress AI Experiments plugin is available for download, and contributors continue development toward version 0.5.0.
CMSWire

WordPress.com Enables AI Agents to Write & Manage Content

On March 20, the company enabled AI agents including Claude, ChatGPT, OpenClaw and Cursor to create, edit and manage content ...