Feed

As the leader in WordPress security, Wordfence provides unparalleled security coverage that fully encompasses protection, active monitoring,...

Last week, there were 277 vulnerabilities disclosed in 184 WordPress Plugins and 70 WordPress Themes that have been added to the Wordfence...

On May 13th, 2026, we publicly disclosed a critical Authentication Bypass vulnerability in Burst Statistics, a WordPress plugin with 200,000 active...

On May 4th, 2026, we received a submission for an Unauthenticated Privilege Escalation vulnerability in the Kirki WordPress plugin. Although the...

In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working...

On March 24th, 2026, we received a submission for an Unauthenticated Administrator Account Creation vulnerability in WP Maps Pro, a WordPress plugin...

Last week, there were 99 vulnerabilities disclosed in 87 WordPress Plugins and 1 WordPress Theme that have been added to the Wordfence Intelligence...

Last week, there were 78 vulnerabilities disclosed in 62 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence...

THREAT ANALYSIS May 2026 · Forensic Case Study A forensic breakdown of how an attacker turned CyberPanel’s SnappyMail logging into a persistent...