- 400,000+ Install WordPress Plugin Formidable Forms Is Missing More Basic Security Checks https://www.pluginvulnerabilities.com/2024/06/06/400000-install-wordpress-plugin-formidable-forms-is-missing-more-basic-security-checks/ 2 comments wordpress
- Numerous Security Providers Fail to Catch That WP Engine Didn't Fix Vulnerability in 100,000+ Install WordPress Plugin https://www.pluginvulnerabilities.com/2024/05/13/numerous-security-providers-fail-to-catch-that-wp-engine-didnt-fix-vulnerability-in-100000-install-wordpress-plugin/ 2 comments wordpress
- Many CVE Records Are Listing the Wrong Versions of Software as Being Affected https://www.pluginvulnerabilities.com/2024/01/22/many-cve-records-are-listing-the-wrong-versions-of-software-as-being-affected/ 9 comments netsec
- SiteGround's Response to Their WordPress Plugins' Tracking in Violation of WordPress Guidelines is to Continue Doing It https://www.pluginvulnerabilities.com/2023/12/21/sitegrounds-response-to-their-wordpress-plugins-tracking-in-violation-of-wordpress-guidelines-is-to-continue-doing-it/ 2 comments wordpress
- Two 1+ Million WordPress Plugins From SiteGround, Sponsor of Plugin Review Team Rep, Collecting Website Data Without Consent https://www.pluginvulnerabilities.com/2023/12/15/two-1-million-wordpress-plugins-from-siteground-sponsor-of-plugin-review-team-rep-tracking-without-consent/ 3 comments wordpress
- Hacker Targeted WordPress Plugin Still in Plugin Directory Despite Publicly Disclosed Unfixed SQL Injection Vulnerability https://www.pluginvulnerabilities.com/2023/09/27/hacker-targeted-wordpress-plugin-still-in-plugin-directory-despite-publicly-disclosed-unfixed-sql-injection-vulnerability/ 5 comments wordpress
- WordPress Plugin Developer Security Advisory: Elementor https://www.pluginvulnerabilities.com/2023/04/27/wordpress-plugin-developer-security-advisory-elementor/ 3 comments wordpress
- 100,000+ install WordPress plugin Quick Page/Post Redirect Plugin remains in Plugin Directory despite malicious code added to plugin through update mechanism. https://www.pluginvulnerabilities.com/2022/05/11/wordpress-plugin-developer-security-advisory-anadnet/ 3 comments wordpress
- 900,000+ install WordPress plugin File Manager (WP File Manager) has failed to implement basic security in the nearly five years since being notified it was missing. https://www.pluginvulnerabilities.com/2022/05/09/wordpress-plugin-developer-security-advisory-mndpsingh287/ 5 comments wordpress
- GoDaddy (Though Sucuri) Spreads Misinformation About Recently Fixed Vulnerabilities in All in One SEO https://www.pluginvulnerabilities.com/2021/12/23/godaddy-though-sucuri-spreads-misinformation-about-recently-fixed-vulnerabilities-in-all-in-one-seo/ 2 comments wordpress
- Automattic’s “Internal Audit” of Plugin Misses Vulnerabilities Impacting Plugins With 1.2 Million Installs https://www.pluginvulnerabilities.com/2021/11/01/automattics-internal-audit-of-plugin-misses-vulnerabilities-impacting-plugins-with-1-2-million-installs/ 4 comments wordpress
- WordPress Security Plugins Failed to Protect Against Vulnerability When Using Gutenberg Editor https://www.pluginvulnerabilities.com/2021/09/27/wordpress-security-plugins-failed-to-protect-against-vulnerability-when-using-gutenberg-editor/ 2 comments wordpress
- Backdoor found in WordPress plugin with 200K installs https://www.pluginvulnerabilities.com/2017/09/11/wordpress-poor-handling-of-plugin-security-exacerbates-malicious-takeover-of-display-widgets/ 3 comments netsec
- Just Because a Hacker is Requesting a WordPress Plugin’s File Doesn’t Mean There is a Vulnerability in It https://www.pluginvulnerabilities.com/2017/08/23/just-because-a-hacker-is-requesting-a-wordpress-plugins-file-doesnt-mean-there-is-a-vulnerability-in-it/ 4 comments netsec