During the week of 04/06/2026 to 04/13/2026, 93 vulnerabilities affecting WordPress were published in the Seckhmet […]
Seckhmet – Weekly WordPress Vulnerability Report (03/30/2026 to 04/06/2026)
During the week of 03/30/2026 to 04/06/2026, 45 vulnerability(ies) affecting WordPress were published in the […]
From bypassing a blacklist of SQL keywords to SQL injection
Introduction During a security audit of WordPress plugins, we discovered a SQL injection vulnerability in […]
Critical vulnerability in the WordPress Sneeit framework: unauthenticated code execution (CVE-2025-6389) actively exploited
A critical Remote Code Execution (RCE) vulnerability affecting the Sneeit framework — a core plugin […]
The illusion of “all-in-one” ASM tools: why specialization makes the difference
A tempting… but misleading promise In recent years, Attack Surface Management (ASM) has become a […]
WordPressImageOptimizer: An Image Compression Plugin… and a Malicious Redirection Tool
A new malicious plugin disguised as an image optimization tool is currently targeting WordPress sites. […]
Critical Vulnerability in the WordPress Theme Motors: Widespread Exploitation to Hijack Administrator Accounts
A critical privilege escalation vulnerability (CVE-2025-4322) in the WordPress Motors theme is being actively exploited […]