WordPress Security Research and News

RSS Feed

Critical WordPress Plugin Vulnerability Patched: What You Need to Do Right Now

May 21st, 2026

Critical WordPress Plugin Vulnerability Patched: What You Need to Do Right Now

If you use WordPress, you’ve probably seen news about a plugin vulnerability being discovered and patched. It happens more often than most website own...

blog

2026 WordPress Security Trends and Predictions

May 14th, 2026

2026 WordPress Security Trends and Predictions

WordPress now powers around 43.5% of all websites on the internet, making it one of the biggest targets for cyberattacks. Every day, thousands of webs...

blog

VMP™ Intelligence Weekly WordPress Security Report

February 1st, 2026

VMP™ Intelligence Weekly WordPress Security Report

Last week we saw 3.2 vulnerabilities discovered and reported across the WordPress ecosystem.

blog

100,000 WordPress Sites Hacked Via This Backdoor Plugin

February 1st, 2026

100,000 WordPress Sites Hacked Via This Backdoor Plugin

Security researchers have uncovered a massive campaign targeting WordPress sites through a backdoor plugin.

blog

VMP™ Bug Bounty Program Monthly Report

February 1st, 2026

VMP™ Bug Bounty Program Monthly Report

VMP™ Bug Bounty Program receives more than 100 security vulnerability submissions this month from researchers.

blog

VMP™ Intelligence Weekly WordPress Vulnerability Report

February 1st, 2026

VMP™ Intelligence Weekly WordPress Vulnerability Report

Last week saw substantial increase in attempted attacks. Our security team has been actively monitoring these trends.

blog

Attackers Actively Exploiting Critical WP Plugin Vulnerability

February 1st, 2026

Attackers Actively Exploiting Critical WP Plugin Vulnerability

Threat researchers at Company LLC Extension vulnerability is being actively exploited in the wild targeting admins.

blog

100,000 WordPress Sites Infected Via Balada Injector Compromised WordPress Plugin

February 1st, 2026

100,000 WordPress Sites Infected Via Balada Injector Compromised WordPress Plugin

Balada Injector malware campaign has infected more than 100K WordPress sites compromised through plugin flaws.

blog

Browse by Category

Filter research and articles by topic

All blog

This website uses cookies, pixels, and similar technologies (collectively "Cookies") to improve your browsing experience. By clicking "Accept All", you agree to the storing of Cookies on your device and that we may share, track, store, and analyze your interactions with the website to enhance site navigation, analyze site usage, and assist in our marketing efforts. For more information on our use of cookies please review our Cookie Policy.

Cookie Settings

For additional information on how this site uses cookies, please review our Privacy Policy. The cookies used by this site are classified into the following categories and can be configured below.

Strictly Necessary

Always active

The "Strictly Necessary" cookies are necessary for the Sites and Services to work properly, and cannot be disabled. They include any essential authentication and authorization cookies for the Services. If you select the "Reject All" button, or choose to do nothing, only the strictly necessary cookies are active by default.

Functional

These cookies allow us to remember choices you make, such as your username, language, or region. This helps provide a more personalized and consistent experience by tailoring the Services to your preferences. For example, we can remember your preferred settings or login details, so you don't have to re-enter them each time you visit.

Performance/Analytical

These Cookies allow us to collect certain information about how you navigate the Sites or utilize the Services running on your device. They help us understand which areas you use and what can do to improve them.

Targeting

These Cookies are used to deliver relevant information related to the Services to an identified machine or other device (not a named or otherwise identifiable person) which has previously been used to visit our Sites. Some of these types of Cookies on our Sites are operated by third parties with our permission and are used to identify advertising sources that are effectively driving customers to our Sites.