The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...

10Web WordPress Photo Gallery Plugin Vulnerability

Web Photo Gallery plugin vulnerability enables attacker to delete image comments. Impacts all plugin versions up to and ...

A popular WordPress plugin has a worrying flaw

Here's how to stay safe ...

WP Go Maps Plugin Vulnerability Affects Up To 300K WordPress Sites

A security advisory was published about a vulnerability affecting the WP Go Maps plugin for WordPress installed in over ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...

ACF plugin bug gives hackers admin on 50,000 WordPress sites

A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be ...

Hackers exploit WordPress plugin security flaw exposing 40,000 websites

Critical WordPress plugin flaw exposed some 40,000 users ...