Security Feed
  1. Archives

Feb 12 2026 WordPress plugin with 900k installs vulnerable to critical RCE flaw

Source

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files without authentication. [...]

Posted by Bill Toulas on Thu 12 February 2026 in BleepingComputer.

Tags: Security.

Categories

  1. Ars Technica
  2. AWS Security
  3. BleepingComputer
  4. Brian Krebs
  5. Bruce Schneier
  6. GCP Security
  7. Google Project Zero
  8. The Daily Swig
  9. The Guardian
  10. The Register
  11. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Security, Identity, & Compliance
  • Microsoft
  • Biz & IT
  • Security Blog
  • AI
  • Security & Identity
  • Google
  • CryptoCurrency
  • Announcements
  • Foundational (100)
  • Legal
  • Artificial Intelligence
  • A Little Sunshine
  • privacy
  • Apple
  • Mobile
  • squid
  • Intermediate (200)
  • hacking
  • Advanced (300)
  • Technical How-to
  • The Coming Storm
  • LLM

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.