Bleeping Computer

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection

The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use ...
Searchenginejournal.com

WordPress Contact Form Entries Plugin Vulnerability Affects 70K Websites

A vulnerability advisory was issued for a WordPress plugin that saves contact form submissions. The flaw enables unauthenticated attackers to delete files, launch a denial of service attack, or ...
Threat Post

5M WordPress Sites Running ‘Contact Form 7’ Plugin Open to Attack

A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin. A patch for the popular WordPress plugin called Contact Form 7 was ...
TechRadar

Another major WordPress add-on security flaw could affect 10,000 sites - find out if you're affected

King Addons plugin had two critical flaws ... here's what we know Millions of attacks hit WordPress websites - here's how to make sure you stay safe Site admins using the “King Addons Login | Register ...