The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.

Hackers exploit WordPress plugin security flaw exposing 40,000 websites to complete takeover risk - here's how to stay safe

In its write-up, Patchstack said the flaw is already being exploited in the wild, and that first attacks were detected on ...
CSO Online

Modular DS bug hands hackers instant WordPress admin access

Security researchers confirmed in-the-wild exploitations of the mx-severity flaw, allowing unauthenticated actors gain full ...

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...
Searchenginejournal.com

WordPress Security Plugin Vulnerability Endangers 4 Million+ Sites

A critical vulnerability was discovered in a popular WordPress security plugin with over 4 million installations. The flaw allows attackers to log in as any user, including administrators, and gain ...