Bleeping Computer

Backdoor baked into premium school management plugin for WordPress

Security researchers have discovered a backdoor in a premium WordPress plugin designed as a complete management solution for schools. The malicious code enables a threat actor to execute PHP code ...
Searchenginejournal.com

ThirstyAffiliates WordPress Plugin Vulnerabilities

The United States National Vulnerability Database (NVD) announced that the Thirsty Affiliate Link Manager WordPress plugin has two vulnerabilities that can allow a hacker to inject links. Additionally ...
TechJuice

Code Red for WordPress: Why Security Experts Are Calling This the “Worst Bug of 2026”

Over 40,000 WordPress sites are affected by a new malware flaw. Site owners must update plugins, scan for infections, and ...
searchenginewatch

New Google Publisher Plugin for WordPress Lets You Verify Your Site, Manage AdSense

The new official Google Publisher Plugin makes it simple to verify a WordPress site for Webmaster Tools with one click, and is also designed to make it very easy for webmasters to add AdSense code to ...
Ars Technica

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability ...

Prime SEO Announces Update to WordPress SEO Plugin

The 2026 release is intended to support long-term website performance by reducing technical errors, improving indexability, and ensuring compatibility with future algorithm changes. Prime SEO states ...
Computerworld

How to build a WordPress plugin administration section

In the last post I showed you how to get started building a WordPress plugin from scratch. Now I’d like to show you how to add administrative features to the back end of WordPress so that your plugin ...