A critical remote code execution vulnerability in PHPMailer has been discovered by Polish researcher Dawid Golunski. The vulnerability was announced on legalhackers.com yesterday but proof of concept exploit details were not included. Unfortunately someone posted a proof of concept to exploit-db ...

Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks. Jetpack is a popular plug-in that offers free website optimization, management and security features. It ...

Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites. The plug-in’s developer fixed the flaw, last Tuesday in version 3.6, but in addition to updating ...