Fireship on MSN

Data theft: The dark side of WordPress plugins

A recent attack compromised over 30 WordPress plugins through a backdoor acquired by purchasing the original developers. This ...
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
The Tech Edvocate

How to identify problematic WordPress plugin

The Backbone of Your Site Plugins are the lifeblood of WordPress, enabling users to customize their websites with functionality that ranges from SEO tools to social media integrations. With over ...
The Tech Edvocate

How to fix WordPress plugin conflicts

Spread the love“`html Managing a WordPress site can feel like a balancing act, especially when it comes to plugins. These handy tools enhance functionality, but occasionally they clash, leading to ...

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Business Wire

WP Engine Acquires Popular Delicious Brains WordPress Plugins Including Developer Favorite Advanced Custom Fields

Used in more than 4 Million sites globally, the collection of builder plugins expands WP Engine’s market-leading portfolio of essential developer tools and investment in the WordPress ecosystem.
Searchenginejournal.com

WordPress Developer Publishes Code To Block Mullenweg’s Web Hosting Clients

A prolific WordPress plugin publisher who has created over three dozen free plugins has released code that other plugin and theme publishers can use to block client’s of Matt Mullenweg’s WordPress.com ...