Wordfence Research and News

Vulnerability in FancyBox Plugin for WordPress – Update immediately

A serious vulnerability has been discovered in the FancyBox plugin for WordPress.

Wordfence 5.3.6 Released!

Wordfence 5.3.6 has just been released! This version includes a few important fixes and a few awesome new features including the ability to block anyone (or anything) from submitting a form to your site if they have a blank referrer header and user-agent header.

Wordfence 5.3.5 Released

Wordfence 5.3.5 was released a few seconds ago and is busy propagating out to the repository.

Wordfence 2015 Update and Three Plugin Vulnerabilities You Should Know About

2015 is going to be an exciting year for WordPress publishers.

WordPress Security: Multiple Vulnerabilities in InfiniteWP Admin Panel. Upgrade immediately.

About an hour ago researcher Walter Hop from Slik BV in the Netherlands disclosed multiple serious vulnerabilities in the InfiniteWP Admin Panel on the Full Disclosure and Bugtraq mailing lists. 

WordPress Security: Serious Vulnerability in WordPress Download Manager

There is a serious vulnerability in the WordPress Download Manager plugin that allows a remote attacker to upload malicious scripts to your website, gain administrative access and modify passwords.

WordPress Security: Reminder to Upgrade SSL Certificates from SHA1 to SHA2

With Chrome version 39, which is in the process of being released (see footnote), Google has started issuing warnings if a website is using a certificate whose signature algorithm uses the older and less secure SHA1.

WordPress Security: Nulled Scripts and the CryptoPHP Infection

Our friends over at Fox-IT based in Delft in the Netherlands just contacted me with some amazing research they’ve just published. 

Multiple Critical Vulnerabilities in WordPress Core

WordPress 4.0.1 has just been released and with it the announcement that multiple critical vulnerabilities have been discovered and fixed in several versions of WordPress Core including the current version 4.0.

Wordfence 5.3.3 Released

Wordfence 5.3.3 has been released. It contains an important security fix along with improved recognition of private IP address ranges and a fix for a warning which appeared in the previous release.