Last week, there were 87 vulnerabilities disclosed in 198 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence...
Feed
Authenticated Arbitrary File Upload Vulnerability Patched in Slider Revolution 7 WordPress Plugin
On April 18th, 2026, we received a submission for an Authenticated Arbitrary File Upload vulnerability in Slider Revolution, a WordPress plugin....
Attackers Actively Exploiting Critical Vulnerability in Breeze Cache Plugin
On April 22nd, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Breeze Cache, a WordPress plugin with an estimated...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)
Last week, there were 157 vulnerabilities disclosed in 122 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 13, 2026 to April 19, 2026)
Last week, there were 139 vulnerabilities disclosed in 116 WordPress Plugins and 10 WordPress Themes that have been added to the Wordfence...
Attackers Actively Exploiting Critical Vulnerability in Ninja Forms – File Upload Plugin
On April 6th, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Ninja Forms – File Upload, a WordPress plugin with an...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 6, 2026 to April 12, 2026)
Last week, there were 153 vulnerabilities disclosed in 117 WordPress Plugins and 23 WordPress Themes that have been added to the Wordfence...
Attackers Actively Exploiting Critical Vulnerability in Kali Forms Plugin
On March 2nd, 2026, we received a submission through our Bug Bounty Program for a Remote Code Execution vulnerability in Kali Forms, a WordPress...
The Increasing Role of AI in Vulnerability Research
At Wordfence, we run a bug bounty program that pays out mid-six figures per year to researchers in bug bounties for WordPress related...
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)
Last week, there were 54 vulnerabilities disclosed in 49 WordPress Plugins that have been added to the Wordfence Intelligence Vulnerability...