Bleeping Computer

75k WordPress sites impacted by critical online course plugin flaws

The WordPress online course plugin 'LearnPress' was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion. LearnPress is a learning management ...
The Chronicle of Higher Education

Jetpack Plugin for Course Websites

Of the perennial ProfHacker favorites, WordPress is probably neck and neck with Zotero as our most written about topic. From course blogs to department websites to ProfHacker itself, we like WordPress ...
TechRadar

Thousands of WordPress sites at risk from online course plug-in flaw

Tens of thousands of WordPress websites are vulnerable to multiple high-severity flaws found in a popular plug-in, security researchers have claimed. Experts at PatchStack discovered three ...
Searchenginejournal.com

Critical Vulnerability Affects Tutor LMS Pro WordPress Plugin

An advisory was issued about a critical vulnerability in the popular Tutor LMS Pro WordPress plugin. The vulnerability, rated 8.8 on a scale of 1 to 10, allows an authenticated attacker to extract ...
TechRadar

This popular WordPress security plugin has a worrying flaw which exposed user data

WordPress plugin flaw let low-privileged users access sensitive server files and credentials CVE-2025-11705 affects plugin versions 4.23.81 and earlier; patch released October 15 About 50,000 sites ...
Hosted on MSN

WordPress plugin with over a million installs may have a worrying security flaw - here's what we know

W3 Total Cache (W3TC), a WordPress plugin with more than a million users, carries a critical-severity vulnerability that allows threat actors to fully take over compromised websites, experts have ...