Wordfence Research and News

Category: Podcasts

Episode 95: Critical Privilege Escalation Vulnerabilities Affect Over 100K WordPress Sites

Three critical privilege escalation vulnerabilities in the Ultimate Member plugin put over 100,000 sites at risk.

Episode 94: Hosting Provider Exposed 63 Million Customer Records

A hosting provider exposed over 63 million customer records via an open Elasticsearch database containing verbose logs with plain-text username/password credentials for numerous WordPress, Magento and other sites.

Episode 93: Nitro Documents on the Dark Web and Botnets Targeting Older Vulnerabilities

We cover a couple of breaking stories this week, including the emergency release of WordPress 5.5.3 on Friday, October 30.

Episode 92: WordPress Forced Security Autoupdate Protects Sites from Loginizer Vulnerability

An easily exploitable SQL injection vulnerability was discovered in the Loginizer plugin installed on over one million WordPress sites, causing the WordPress team to force an update to sites using the vulnerable version.

Episode 91: How Hackers Can Use CSRF Vulnerabilities and Spearphishing to Wreak Havoc on WordPress

On this week’s episode of Think Like a Hacker, we chat about the cross-site request forgery (CSRF) vulnerability found in the Child Theme Creator by Orbisius and how attackers could use a vulnerability like this with spearphishing to wreak havoc, much like the phishing campaigns now being found on the Canva design platform.

Episode 90: WPBakery Plugin Vulnerability Exposes Over 4 Million Sites

A vulnerability discovered by the Wordfence Threat Intelligence team in the WPBakery plugin exposes over 4 million sites.

Episode 89: Shopify Rogue Employees, Medium and Twitter Vulnerabilities, and Hackers Hiding Out in Corporate Networks

Shopify reports that two rogue employees stole data from 200 merchants on their platform.

Episode 88: XCloner Vulnerabilities, LokiBot Malware, & a 14 Year Old Nets a $25K Bug Bounty

Our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites.

Episode 87: Vulnerabilities Affect Discount Rules for WooCommerce Plugin, ModSecurity & Windows

Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites.

Episode 86: War of the Hackers

Millions of attacks have been targeting the recent File Manager plugin zero-day vulnerability discovered last week.