On February 7, 2022, Security Researcher Cyku Hong from DEVCORE reported a vulnerability to us that they discovered in WP Statistics, a WordPress...
Website Maintenance Tips
Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution
On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution...
Announcing Wordfence Care and Wordfence Response
Today I’m incredibly excited to announce that we are launching two new products: Wordfence Care and Wordfence Response. Let’s start with a fun...
Unauthenticated XSS Vulnerability Patched in HTML Email Template Designer Plugin
On December 23, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in...
84,000 WordPress Sites Affected by Three Plugins With The Same Vulnerability
On November 5, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in...
WordPress 5.8.3 Security Release
On January 6, 2022, the WordPress core team released WordPress version 5.8.3, which contains security patches for 4 high-severity vulnerabilities....
1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs
Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks targeting vulnerabilities that make it possible for...
Authentication Bypass Vulnerability Patched in User Registration Plugin
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On...
XSS Vulnerability Patched in Plugin Designed to Enhance WooCommerce
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On...
AWS Attacks Targeting WordPress Increase 5X
The Wordfence Threat Intelligence team has been tracking a huge increase in malicious login attempts against WordPress sites in our network. Since...