Threat Post

WP Live Chat WordPress Plugin Re-Patches File Upload Flaw

After researchers were able to bypass a file upload validation flaw patch in WP Live Chat, a new patch has been issued. A WordPress plugin vulnerability found in WP Live Chat could allow an attacker ...
Infosecurity-magazine.com

Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites

A new security vulnerability in the Chaty Pro plugin has been identified, potentially allowing attackers to take over WordPress sites by uploading malicious files. Chaty Pro is a popular WordPress ...
Threat Post

WordPress WP Live Chat Support Plugin Fixes XSS Flaw

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. For the second time this month a patch has been ...
Infosecurity-magazine.com

Flaw in AI Plugin Exposes 50,000 WordPress Sites to Remote Attack

A critical vulnerability has been identified in the AI Engine plugin for WordPress, specifically affecting its free version with over 50,000 active installations. The plugin is widely recognized for ...
Bleeping Computer

Critical Forminator plugin flaw impacts over 300k WordPress sites

The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server. Forminator by WPMU DEV is a custom ...
Bleeping Computer

Hackers target WordPress calendar plugin used by 150,000 sites

Hackers are trying to exploit a vulnerability in the Modern Events Calendar WordPress plugin that is present on more than 150,000 websites to upload arbitrary files to a vulnerable site and execute ...