Bleeping Computer

Security plugin flaw in millions of WordPress sites gives admin access

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions. Really ...
CMS Wire

Top 7 User-Rated WordPress Security Plugins

WordPress security should be a concern for every WordPress user. Here are 7 security plugins that Wordpress users have rated the highest. WordPress security has become a topic of huge importance for ...
HotHardware

Alarming WordPress Plugin Security Flaw Leaves 2M Sites Vulnerable To Attack

A WordPress plugin with over 2 million active installations left its users open to an alarming security flaw. The popular Advanced Custom Fields (ACF) plugin by WP Engine allows WordPress admins to ...
Searchenginejournal.com

WordPress Security Plugin Vulnerability Affects +1 Million Sites

WordPress security plugin discovered to have two vulnerabilities that could allow a malicious upload, cross-site scripting and allow viewing of contents of arbitrary files. All-In-One Security (AIOS) ...
ZDNet

Your WordPress site is at risk: These precautions and plugins can keep it secure

It's an interesting paradox. WordPress powers 35 percent of all websites on the Internet, in part because it's so flexible and modular. It has a robust library of more than 50,000 plugins, each adding ...
Ars Technica

WordPress plugin installed on 1 million+ sites logged plaintext passwords

All-In-One Security, a WordPress security plugin installed on more than 1 million websites, has issued a security update after being caught three weeks ago logging plaintext passwords and storing them ...
Searchenginejournal.com

WordPress Proposal To Improve Security & Performance of Plugins

WordPress announced a proposal to take a more proactive approach toward third party plugins in order to improve security and site performance. What is being discussed is a plugin checker that will ...