WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
TechRadar

Another major WordPress plugin has been hacked to try and hijack your sites

Researchers from WPScan find flaw in Hunk Companion, a plugin with roughly 10,000 users The flaw allows crooks to install other plugins from the WP repository, including those with known RCE flaws ...
Searchenginejournal.com

Scan of 140K Sites Reveals Best WordPress Plugins

An analysis of 140,000 sites hosted on managed WordPress host Kinsta revealed the WordPress plugins that users judge to be the best for SEO and performance. These findings highlight which plugins ...