Report Tag: plugin vulnerability

Security

200,000 WordPress Sites at Risk from Critical Authentication Bypass Vulnerability in Burst Statistics Plugin

Wordfence researchers uncovered a critical authentication bypass in the Burst Statistics plugin impacting over 200,000 WordPress sites. Immediate updates to version 3.4.2 are essential to prevent administrator impersonation.

May 14, 2026 · 5 min read

Security

Attackers Actively Exploiting Critical Vulnerability in Breeze Cache Plugin

A critical Arbitrary File Upload vulnerability in Breeze Cache plugin is actively exploited, risking remote code execution on 400,000 WordPress sites. Immediate update to version 2.4.5 is vital.

May 6, 2026 · 5 min read

Security

50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Ninja Forms Plugin

A critical vulnerability in Ninja Forms – File Upload plugin exposes 50,000 WordPress sites to remote code execution attacks. Update to version 3.3.27 immediately.

Apr 7, 2026 · 5 min read

Security

200,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in MW WP Form Plugin

A vulnerability in MW WP Form plugin affects 200,000 WordPress sites, risking file moves like wp-config.php. Update to version 5.1.1 immediately.

Apr 2, 2026 · 5 min read

Security

Tutor LMS Pro Authentication Bypass Exposes 30,000 WordPress Sites

A critical authentication bypass in Tutor LMS Pro affects 30,000 WordPress sites. Update to version 3.9.6 now to secure your site.

Mar 10, 2026 · 4 min read