Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...
Threat Post

WooCommerce Falls to Fresh Card-Skimmer Malware

The payment-card stealer differs from typical malware targeting WordPress-based e-commerce environments. Credit-card-stealing criminals have set their sights on the WordPress plugin known as ...