Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. It exploits 30 vulnerabilities in a number of plugins and themes for this platform.[…]
We are beyond excited to celebrate the winter holidays and launch of Patchstack Alliance Discord community with a special bug hunting event taking place throughout December 2022. In December, we[…]
Today we are incredibly excited to announce that Wordfence is launching an entirely free vulnerability database API and web interface, available for commercial use by hosting companies, security organizations, threat[…]
WordPress’ Security Team announced it will be dropping support for versions 3.7 through 4.0 on December 1, 2022. To give some context for how old these versions are, in 2013,[…]
On August 30, 2022, the WordPress core team released WordPress version 6.0.2, which contains patches for 3 vulnerabilities, including a High Severity SQLi vulnerability in the Links functionality as well[…]
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks performed by WAF/CDN services which[…]
On June 24, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a Cross-Site Request Forgery vulnerability we discovered in Ecwid Ecommerce Shopping Cart, a WordPress plugin[…]
On July 8, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Download Manager,” a WordPress plugin that is installed on over[…]
Cryptomining infections accounted for less than 4% of total detections last year. Despite the fact that CoinHive – one of the most popular JavaScript based miners – shut down its[…]
The Brute Protection Technique is the 3 Step process to secure WordPress websites from hack, malicious and brute force attacks in 2022.
Attempted attacks are just the background radiation of the internet – let’s look at practical examples of what constitutes a threat, and what does not.
The Wordfence Threat Intelligence team has been monitoring a sudden increase in attack attempts targeting Kaswara Modern WPBakery Page Builder Addons. This ongoing campaign is attempting to take advantage of[…]
While WordPress core is well-tested and widely used, it allows plugins to be installed. Those plugins can be developed by, well, anyone! They enable many significant enhancements to the core[…]
Our story starts like many others told on this blog: A new client came to us with reported cases of credit card theft on their eCommerce website.The website owner had[…]
Enter your account data and we will send you a link to reset your password.
To use social login you have to agree with the storage and handling of your data by this website. %privacy_policy%
AcceptHere you'll find all collections you've created before.
