One place to keep you updated about WordPress Security news.
If you are using Social Warfare Plugin, you need to know this.
They actually sent emails to everyone warning to either update or delete their plugin.
I don’t use that plugin, my theme came with great special features
If your WordPress website is using this plugin, you are advised to either disable “Categorize Uploaded Files” option in the setting or disable the plugin completely until a new patched version becomes available.
Security issue discovered in WP Live Chat Support plugin.
Yesterday evening, the website of the popular WordPress Multilingual Plugin (WPML) plugin was hacked. The alleged former employee who reportedly hacked the site sent emails to WPML users expressing that the plugin is loaded up with vulnerabilities.
However, the company has denied the claims of vulnerabilities in the plugin, but they did confirm that their website was hacked.