Wordfence Research and News

Blog icon

SSL Will be Free Starting Summer 2015

If you aren’t using SSL to have a conversation with a website, your traffic is readable by anyone on the Net who can see your network packets flying past.

Wordfence 5.3.2 Released, now with Referer Blocking

The newest version of Wordfence includes a much requested feature and you can thank Tim Cantrell for listening to your requests and getting us to put this in 5.3.2.

Wordfence 5.3.1 Released with full documentation, updated Geo DB and Improved Export

Wordfence 5.3.1 has just been released. We’re excited to announce that Wordfence is now fully documented.

WordPress Security: Vulnerabilities in BulletProof Security .51 and Notes on Responsible Disclosure

Multiple vulnerabilities exist in BulletProof Security version .51 and earlier including an XSS, SQL injection and SSRF vulnerability.

Wordfence 5.2.9 Released with Options Export and Import

Wordfence 5.2.9 was released last night with a much-requested feature: You can now export your Wordfence settings and re-import them on another site or on multiple sites.

Are Web Application Firewalls Vulnerable?

Anyone else remember Gauntlet or Firewall-1? They were two of the most popular firewall products back in the early 1990’s when Firewalls were just beginning to reach the market.

WordPress Security: Vulnerability in WP eCommerce Plugin

A serious vulnerability was announced within the last 24 hours in the WP eCommerce Plugin.

Wordfence 5.2.8 Released: All Wordfence Options now Fully Documented!

Wordfence 5.2.8 was released this evening. Doing a quick diff on the code for Wordfence 5.2.8, it might not look like we have changed much, but this is the launch of the long-awaited Wordfence documentation for our options page.

WordPress Security Plugin Vulnerabilities for Oct 30th

This is a WordPress security report for Oct 30th 2014. We are publishing a list of current critical vulnerabilities that we want to draw your attention to.

What to do about the POODLE SSL Vulnerability for Surfers, Admins and Devs

POODLE which stands for “Padding Oracle On Downgraded Legacy Encryption”, describes a security vulnerability in the SSL Version 3 cryptogram used by older Internet browsers.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.