The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
TechCrunch

WordPress to ditch React library over Facebook patent clause risk

Matt Mullenweg, the co-founder of the popular open source web publishing software WordPress, has said the community will be pulling away from using Facebook’s React JavaScript library over concerns ...
Technical

Women/InTech: 50 women talk WordPress, JavaScript, startups

Spun out of a roundtable on sustaining a growth of female technologists, Baltimore’s first Women/InTech conference brought out some 50 women for an entry point into the technology community during ...
The Next Web

A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account ...

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create admin accounts on 15,000+ WordPress sites. Wordfence blocked 2,858 attacks in 24 hours.
Ars Technica

Hundreds of WordPress sites infected by recently discovered backdoor

Malware that exploits unpatched vulnerabilities in 30 different WordPress plugins has infected hundreds if not thousands of sites and may have been in active use for years, according to a writeup ...
TechCrunch

The WordPress vs. WP Engine drama, explained

This story has been updated throughout with more details as the story has developed. We will continue to do so as the case and dispute are ongoing. The community around WordPress, one of the most ...