In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme and, plugin...
Website Maintenance Tips
High-Severity XSS Vulnerability in Metform Elementor Contact Form Builder
On January 4, 2023, independent security researcher Mohammed Chemouri reached out to the Wordfence Vulnerability Disclosure program to responsibly...
Multiple Vulnerabilities Patched in Quick Restaurant Menu Plugin
On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress...
The Wordfence 2022 State of WordPress Security Report
Today, the Wordfence Threat Intelligence team is releasing our 2022 State of WordPress Security Report as a free White Paper. In our report, we look...
PSA: Your Site Isn’t Hacked By This Bitcoin Scam, Keep the Money
On January 19th, 2023, a member of the Wordfence Threat Intelligence team received an email from their personal blog, claiming the site had been...
Holiday Attack Spikes Target Ancient Vulnerabilities and Hidden Webshells
Winter brings a number of holidays in a short period of time, and many organizations shut down or run a skeleton crew for a week or more at the end...
Eleven Vulnerabilities Patched in Royal Elementor Addons
On December 23, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of 11 vulnerabilities in Royal...
PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild
The Wordfence Threat Intelligence team has been tracking exploits targeting a Critical Severity Arbitrary File Upload vulnerability in YITH...
Exploiting WordPress Plugin Vulnerabilities to Steal AWS Metadata
In an ideal world, vulnerabilities would not exist. A request would be sent to a server, properly validated, and only the intended information would...
How Much is Your Hacked Site Worth?
The Wordfence Threat Intelligence team has recently concluded an investigation of online marketplaces, colloquially known “shops” by threat actors,...