István Márton, Author at Wordfence

30,000 WordPress Sites affected by Arbitrary SQL Execution Vulnerability Patched in Visualizer WordPress Plugin

$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$657 Bounty Awarded for Arbitrary File Upload Patched in WEmanage App Worker WordPress Plugin

On February 1st, 2024, during our Bug Bounty Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in Management App for WooCommerce, a WordPress plugin with 1,000+ active installations.

$5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin

On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in LayerSlider, a WordPress plugin with more than 1,000,000 estimated active installations.

Wordfence Research and News

30,000 WordPress Sites affected by Arbitrary SQL Execution Vulnerability Patched in Visualizer WordPress Plugin

$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin

$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin

$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin

$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin

$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

$937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin

$657 Bounty Awarded for Arbitrary File Upload Patched in WEmanage App Worker WordPress Plugin

$5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin

Breaking WordPress Security Research in your inbox as it happens.

Wordfence Research and News

Breaking WordPress Security Research in your inbox as it happens.

Cookie Options

Strictly Necessary

Performance/Analytical

Targeting