WordPress is a technology platform tracked across 50 threat clusters and 254 intelligence report mentions on ThreatCluster. First observed October 29, 2025; most recent activity July 17, 2026.
CVE-2026-2441 is a zero-day CSS vulnerability affecting all Chromium-based browsers, allowing attackers to exploit a use-after-free condition in the Blink rendering engine. This vulnerability enables the theft of…
A critical vulnerability in the Joomla Content Editor (JCE), tracked as CVE-2026-48907, allows unauthenticated attackers to execute remote code on affected Joomla sites. This flaw affects JCE versions below 2.9.99.6 and…
A critical vulnerability in the Modular DS WordPress plugin has been actively exploited since January 13, 2026, allowing attackers to gain administrative access. Security researchers have confirmed that this flaw poses…
A critical unauthenticated SQL injection vulnerability (CVE-2026-49776) has been identified in the GPTranslate plugin for WordPress, affecting versions 2.32.6 and earlier. This flaw allows attackers to execute arbitrary…
A critical vulnerability, CVE-2026-42945, has been discovered in the NGINX web server's ngx_http_rewrite_module, allowing unauthenticated attackers to execute remote code or crash servers. This heap-based buffer…
A critical vulnerability (CVE-2026-0740) in the Ninja Forms File Uploads plugin for WordPress allows unauthenticated attackers to upload arbitrary files, potentially leading to remote code execution. This flaw, with a…
A critical vulnerability, CVE-2026-58480, has been identified in the Blocksy Companion Pro plugin for WordPress versions prior to 2.1.47. This unauthenticated arbitrary file upload vulnerability allows attackers to…
On June 18, 2026, international law enforcement agencies launched Operation Endgame, disrupting the SocGholish malware infrastructure linked to the Russian cybercrime group Evil Corp. The operation resulted in the…
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is critically vulnerable to privilege escalation via account takeover, affecting all versions up to and including 5.9.9.5. The vulnerability…
A critical vulnerability (CVE-2026-8206) in the Kirki WordPress plugin allows unauthenticated attackers to hijack user accounts, including admin accounts, on over 500,000 websites. Detected by Defiant's Wordfence…