News

Yoast SEO Plugin Bug Inserts Hidden AI HTML Code
Yoast pushed out an emergency fix after users discovered that its plugin was leaking AI-related code into WordPress content.
Bleeping Computer1y
Evasive Sign1 malware campaign infects 39,000 WordPress sites - BleepingComputer
Once the threat actors gain access, they use WordPress custom HTML widgets or, more commonly, install the legitimate Simple Custom CSS and JS plugin to inject the malicious JavaScript code.
Ars Technica11y
Wordpress plugin to insert javascript | Ars OpenForum - Ars Technica
I'm looking for a Wordpress plugin that will allow me to insert javascript into the HTML editor. Here's the problem though: I need to be able to insert PHP within the script I'm inserting. Here's ...
TechRadar1y
Major new malware campaign hits thousands of WordPress sites
Sign1 malware redirects WordPress ... the threat actors either injected the malware into custom HTML widgets and plugins, or installed Simple Custom CSS and JS plugins to add the JavaScript ...
PC World10y
Attackers exploit zero-day flaw in popular WordPress plug-in
WordPress sites with the plug-in Fancybox-for-WordPress should apply a critical security update released Thursday that fixes a vulnerability already exploited by attackers. Researchers from Web ...
Wired9y
WordPress.com Gets a New Face and Joins the JavaScript Age
WordPress has unveiled a new, totally rewritten admin interface today. And below the surface, you'll see something remarkable: JavaScript instead of PHP.