Swift Insights
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 15, 2024 to July 21, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to...
10,000 WordPress Sites Affected by High Severity Vulnerabilities in BookingPress WordPress Plugin
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 8, 2024 to July 14, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to...
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 1, 2024 to July 7, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to...
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 24, 2024 to June 30, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to...
WordPress Security Research: A Beginner’s Series
Learn How To Find WordPress Vulnerabilities Step-by-Step Welcome to the inaugural post of our WordPress Security Research Beginner’s Series! With the success of the Wordfence Bug Bounty Program, we wanted to provide emerging vulnerability researchers, and experienced...
3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords
On June 24th, 2024, we became aware of a supply chain attack targeting multiple WordPress plugins hosted on WordPress.org. An attacker was able to successfully compromise five WordPress.org accounts, where the developers were utilizing credentials previously found in...
An Inside Look at The Malware and Techniques Used in the WordPress.org Supply Chain Attack
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to...
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack
On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. Upon further investigation, our team quickly identified 4 additional affected plugins...