This story first broke on July 2, 2026.
UPDATED: as of July 17, 2026, Chrome shipped a second major security release fixing 382 additional vulnerabilities, a separate patch wave from the one originally covered. (Malwarebytes)
How to Update Chrome
1. Click the three-dot menu (⋮) in the top-right corner of Chrome
2. Go to Help → About Google Chrome
3. Chrome checks for updates automatically and starts downloading if one’s available
4. Click Relaunch to finish installing it
If you manage your WordPress site by logging into the dashboard through Chrome, an outdated browser is now a real way in for someone else.
Your WordPress Login Is Only as Secure as the Browser You Use to Reach It
Google shipped one of its largest Chrome security updates in recent memory, patching 382 separate issues, including flaws that let an attacker escape the browser’s normal security boundaries. For most people this is routine background maintenance. For anyone who logs into a WordPress dashboard, hosting control panel, or business email through Chrome, it’s more direct than that, an outdated browser is an open door into the accounts that control your website.
A compromised login session in an outdated browser doesn’t need a WordPress vulnerability at all. It can bypass the site entirely and go straight for the credentials.
What to Do
- Update Chrome now. Most updates apply automatically after a restart, so closing and reopening the browser is often all it takes.
- Do this on every device you or anyone with access to your WordPress dashboard uses to log in, not just your primary computer.
- If your WordPress admin account doesn’t use two-factor authentication, this is a good moment to turn it on. A patched browser and a second login step cover two different ways in.
The site itself can be fully secure and still get compromised through the browser logging into it. A quick security check across your login setup covers both sides of that, not just the WordPress install.
Source: Forbes