The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...

WordPress Advanced Custom Fields Extended Plugin Vulnerability

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...

WordPress plugins with critical vulnerabilities, some already under attack

Security vulnerabilities with critical risk ratings are present in widespread WordPress plugins. One is already being attacked.

ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...

Hackers exploit WordPress plugin security flaw exposing 40,000 websites

Patchstack found critical Modular DS flaw (CVE-2026-23550) allowing admin bypass Vulnerability scored 10/10 and is already ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
Forbes

Secure Your WordPress Website Now — 1.6 Million Attacks In 48 Hours

WordPress users warned as millions of attacks reported. Updated October 29 with a correction to the WordPress attack statistics: the correct number is 1.6 million attacks in 48 hours. WordPress ...

19 WordPress Alternatives: From Simple Builders To Enterprise CMS

Looking for WordPress alternatives that fit your stack? Compare builders, ecommerce platforms, headless CMS, and site ...