Sneeit WordPress RCE flaw allows hackers to add themselves as admin - here's how to stay safe

A critical flaw in a WordPress add-on was recently patched, which allows crooks to add a rogue admin account to the site.

WordPress plugin with over a million installs may have a worrying security flaw - here's what we know

A critical WordPress plugin flaw allows threat actors to run arbitrary PHP commands, potentially taking over entire websites.
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...
Searchenginejournal.com

WordPress 5.6 and PHP 8 Compatibility

WordPress is updating soon to version 5.6 which aims to be compatible with PHP 8. However, WordPress cautioned that it should be considered “beta-compatible” and explained why upgrading to PHP 8 ...
TechRadar

This old WordPress plugin is being used to hack compromised websites

Update: The WordPress Plugin Team has confirmed to TechRadar Pro that the Eval PHP plugin has been closed, citing concerns over its usage on compromised sites, its age, and the number of active ...
Bleeping Computer

PHP Everywhere RCE flaws threaten thousands of WordPress sites

Researchers found three critical remote code execution (RCE) vulnerabilities in the 'PHP Everywhere' plugin for WordPress, used by over 30,000 websites worldwide. PHP Everywhere is a plugin that ...
TechRadar

Best WordPress plugin of 2025

We list the best WordPress plugins, to make it simple and easy to add targeted features that increase the performance and interactivity of your WordPress website. The way we use the web has changed ...

5 Reasons To Use The Internet Archive’s New WordPress Plugin

The Internet Archive's new WordPress plugin enables websites to benefit from the Wayback Machine automatically ...