Bleeping Computer

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites with admin-level ...
Hosted on MSN

Hackers exploit WordPress plugin security flaw exposing 40,000 websites

Patchstack found critical Modular DS flaw (CVE-2026-23550) allowing admin bypass Vulnerability scored 10/10 and is already being exploited in the wild Vendor released fix in version 2.5.2; users urged ...