Threat Post

WordPress WP Live Chat Support Plugin Fixes XSS Flaw

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. For the second time this month a patch has been ...
TechCrunch

WordPress.com owner Automattic acquires an ActivityPub plug-in so blogs can join the Fediverse

WordPress.com sites now have an easier way to integrate with the Fediverse, including Mastodon. Automattic, the company behind WordPress.com, Tumblr and other web publishing tools, is the new owner of ...
Bleeping Computer

Wordpress Slick Popup Plugin Contains Vulnerable Support Backdoor

Hackers subscribed to WordPress websites running Slick Popup plugin can take over the website by enabling a backdoor administrator account with hardcoded credentials. The vulnerability is active at ...