Bleeping Computer

Critical WordPress Plugin Bug Allows Admin Logins Without Password

A critical authentication bypass vulnerability allows anyone to log in as an administrator user on WordPress sites running an affected version of the InfiniteWP Client because of logical mistakes in ...
Bleeping Computer

Vulnerability in AMP for WP Plugin Allowed Admin Access to WordPress

A vulnerability for the very popular AMP for WP WordPress plugin with a 100 thousand active installations allows any registered user to escalate their privileges to gain administrative access to the ...
Infosecurity-magazine.com

LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

A vulnerability in the LiteSpeed Cache plugin for WordPress, which has over 6 million active installations, has been discovered allowing unauthenticated visitors to gain administrator-level access by ...
TechRadar

This WordPress plugin grants hackers 'ultimate' admin access to your site

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Thousands of WordPress sites could be at risk as a vulnerability in the Ultimate Member plugin ...
Bitdefender

Burst Statistics flaw opens WordPress sites to admin takeover

Hackers are exploiting CVE-2026-8181 in Burst Statistics to hijack WordPress sites. Users should update to version 3.4.2 now.