This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Newest
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 4, 2024 to November 10, 2024)
🦸 💥 Calling all superheroes and hunters! Introducing the End of Year Holiday Extravaganza and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through December 9th, 2024: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers All plugins and themes with 50-999 active installs hosted in …
Read More
4,000,000 WordPress Sites Using Really Simple Security Free and Pro Versions Affected by Critical Authentication Bypass Vulnerability
On November 6th, 2024, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in the Really Simple Security plugin, and in the Really Simple Security Pro and Pro Multisite plugins, which are actively installed on more than 4,000,000 WordPress websites.
Wrap Up the Year with the Biggest Scope and Rewards Yet: Join the Wordfence Bug Bounty Program End of Year Holiday Extravaganza!
The holidays are here, and so is your chance to earn big while helping secure the WordPress ecosystem!
WordPress Database Scanning For Malware Released in Wordfence CLI 5.0.1
Today we’re excited to announce the recent release of Wordfence CLI version 5.0.1 Now you can scan any WordPress database you have access to for malware and spamvertising with the new db-scan feature.
28,000 WordPress Sites Affected by Arbitrary File Read and Deletion Vulnerability in WPLMS WordPress Theme
On October 19th, 2024, we received a submission for an Arbitrary File Read and Deletion vulnerability in WPLMS, a WordPress premium theme with more than 28,000 sales.
Wordfence Price Increases Coming December 5th, 2024
We haven’t raised our prices in a relatively high inflation environment in 2 years, and in the case of Wordfence Care and Response, for 2.5 years.
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 28, 2024 to November 3, 2024)
🦸 👻 Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program!
Announcing The Wordfence Audit Log: Off-Site Real-Time Security Event Logging for WordPress
The audit log captures and stores security-related events on your website as they happen, and sends them securely to an off-site location to protect them from tampering, and to store them for your analysis.
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 21, 2024 to October 27, 2024)
🦸 👻 Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program!
10,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in AI Power: Complete AI Pack WordPress Plugin
On October 23rd, 2024, we received a submission for an Arbitrary File Upload vulnerability in AI Power: Complete AI Pack, a WordPress plugin with more than 10,000 active installations.
Breaking WordPress Security Research in your inbox as it happens.
