Wordfence Research and News

Blog icon
Episode 90 Think Like a Hacker
Newest

Episode 90: WPBakery Plugin Vulnerability Exposes Over 4 Million Sites

A vulnerability discovered by the Wordfence Threat Intelligence team in the WPBakery plugin exposes over 4 million sites. High severity vulnerabilities were discovered in the Post Grid and Team Showcase plugins. The online avatar service Gravatar, has been exposed to a user enumeration technique, which could be abused to collect data on its users’ profiles, …
Read More

Think Like a Hacker Episode 89

Episode 89: Shopify Rogue Employees, Medium and Twitter Vulnerabilities, and Hackers Hiding Out in Corporate Networks

Shopify reports that two rogue employees stole data from 200 merchants on their platform.
Think Like a Hacker Episode 88

Episode 88: XCloner Vulnerabilities, LokiBot Malware, & a 14 Year Old Nets a $25K Bug Bounty

Our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites.
Episode 87 Think Like a Hacker

Episode 87: Vulnerabilities Affect Discount Rules for WooCommerce Plugin, ModSecurity & Windows

Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites.
Think Like a Hacker Episode 86

Episode 86: War of the Hackers

Millions of attacks have been targeting the recent File Manager plugin zero-day vulnerability discovered last week.
Think Like a Hacker Episode 85

Episode 85: 0Day in File Manager Plugin and WordPress 5.5.1 Fixes Broken Sites

Over 700,000 WordPress users were affected by a zero-day vulnerability in the File Manager plugin, and the WordPress 5.5.1 release fixed millions of sites affected by deprecation of jQuery Migrate.
Think Like a Hacker Episode 84

Episode 84: Google Chrome Plans to Implement Insecure Form Warnings

The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, which has been fixed in Chrome version 85.
Think Like a Hacker Episode 83

Episode 83: 100,000 Sites Impacted by Vulnerabilities in Advanced Access Manager

The Wordfence Threat Intelligence team discovered vulnerabilities in the Advanced Access Manager plugin installed on over 100,000 WordPress sites.
Think Like a Hacker Episode 82

Episode 82: Important Changes in the WordPress 5.5 Update

WordPress 5.5 was released on August 11 with a number of important updates, including a new feature allowing auto-updates of themes and plugins as well as changes to the block editor.
episode 81 think like a hacker

Episode 81: Critical Vulnerability Exposes over 700,000 Sites Using Divi, Extra, and Divi Builder

Our Threat Intelligence team disclosed numerous vulnerabilities this week, including a critical vulnerability in the Divi and Extra themes as well as the Divi Builder plugin.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.