Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...
Bleeping Computer

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection

The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use ...
Searchenginejournal.com

How to Choose WordPress Plugins

WordPress plugins are helpful. But they can also slow a site down, invite hackers and even cause a Google penalty. These are my top five considerations when choosing a WordPress plugin. The plugin is ...
Infosecurity-magazine.com

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws discovered in the HT Contact Form Widget for Elementor Page Builder & Gutenberg ...
Forbes

10 Best WordPress Plugins You Should Have In 2026

Editorial Note: Forbes Advisor may earn a commission on sales made from partner links on this page, but that doesn't affect our editors' opinions or evaluations. In 2024, WordPress is one of the most ...