Infosecurity Magazine

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...
Windows Report

OpenAI Expands Codex Beyond Coders With New Job-Specific Plugins

OpenAI expands Codex with business plugins, website creation tools, and workflow features for non-developer teams.
Android

OpenAI Reimagines Codex as the Ultimate Corporate Desk Assistant with Six New Plugins

OpenAI has launched a significant enterprise-focused update for Codex, introducing six job-specific plugins for fields like data analytics, sales, and finance. The rollout includes a “Sites” feature ...
The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...
Tech Times

WordPress 7.0 Ships AI Agent Infrastructure: API Key Theft Risk Surfaces on Launch Day

WordPress 7.0 “Armstrong,” released May 20, 2026, arrived without the real-time collaborative editing feature that had been its stated centerpiece for months — and within two days of launch, a securit ...

Funnel Builder WordPress plugin exploited to steal credit card details

Funnel Builder WordPress plugin is being exploited to steal people's credit cards but the flaw has since been patched.
Bleeping Computer

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. The flaw has not received an ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker bought 30+ WordPress plugins (Essential Plugin portfolio) on Flippa for six figures, planted a PHP deserialization backdoor in August 2025, then activated it eight months later to serve ...
theregister

Cloudflare previews 'EmDash' – an AI-driven rebuild of WordPress in TypeScript

The world's most popular CMS has been remade with the help of AI. Cloudflare has released EmDash version 0.1, described as a rebuild of the WordPress CMS (content management system) but using ...
Computerworld

Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative

WordPress's massive installed base isn't going anywhere, but many developers and AI agents are not opting for the product for new sites. Will they go for Cloudflare instead? Cloudflare on Wednesday ...
Ubuntu

EmDash: The Secure, Fast TypeScript Successor to WordPress

WordPress powers over 40% of the internet. It helped millions of people share their ideas for over 20 years. But, the web has changed a lot since WordPress first started. Today, many developers are ...