Vibe Coding Plugins? Validate With Official WordPress Plugin Checker

Official WordPress Plugin Checker offers automated code review for security and best practices. Don't vibe code plugins ...

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data ...
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.

WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...

Another worrying WordPress plugin security flaw could put 250,000 websites at risk

Ally was carrying an SQL injection flaw that allowed data exfiltration.

WordPress Releases Updated AI Experiments Plugin

The WordPress AI Experiments plugin is available for download, and contributors continue development toward version 0.5.0.
Bleeping Computer

Backdoor Found in WordPress Plugin With More Than 300,000 Installations

A WordPress plugin installed on over 300,000 sites was recently modified to download and install a hidden backdoor. The WordPress team has intervened and removed this plugin from the official ...
TechCrunch

Amazon launches a Polly WordPress plugin that turns blog posts into audio, including podcasts

Amazon today is launching a new Amazon Polly WordPress plugin that gives your blog a voice by creating audio versions of your posts. The resulting audio can be played from within the blog post itself, ...

Hackers exploiting WordPress membership plugin bug to create admin accounts

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.