Update – after this article was published, Denis Shagimuratov of CleanTalk reached out to us on Twitter. It appears that they didn’t receive our disclosure because our contact at the company was no longer the correct recipient for this type of issue. On February 15, 2022, the Wordfence Threat Intelligence team finished research on two …Read More
Read Later Add to Favourites antispam FireWall by CleanTalk Spam protection
On May 5, Patchstack published a security advisory about a high severity reflected cross-site scripting (XSS) vulnerability in ACF (Advanced Custom Fields), potentially affecting more than 4.5 mill…
WordPress SSRF Attack In 2021, Microsoft released a security advisory warning of a critical SSRF vulnerability in their Exchange Server software, which was being actively exploited in the wild by[…]
If you’re a Advanced Custom Fields free and pro user, please update the plugin to at least version 6.1.6.Patchstack Pro and Business users are protected from the vulnerability.
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of backdoors: PHP scripts designed to[…]
How WP Engine automates security for over 1.5 million customer sites with WPScan. The Hero: WP Engine The Problem “We know that there are other options out there, but given[…]
WordPress powers over 43% of the web, and that makes it a prime target for hackers and bots. But […]