GrayCharlie Hijacks Law Firm Sites in Suspected Supply-Chain Attack
GrayCharlie turns compromised WordPress sites into malware delivery machines. Discover how this threat actor chains fake browser updates and ClickFix lures t...
WordPress
5 articles
800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin
On January 12th, 2026, we received a submission for an Arbitrary File Upload vulnerability in WPvivid Backup, a WordPress plugin with more than 800,000 activ...
SQL Injection Flaw Affects 40,000 WordPress Sites
40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin
RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites
Security flaw in RealHomes CRM plugin allowed file uploads; patches released for 30,000+ sites
[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection
WordPress Quiz Maker 6.7.