Wordfence Research and News

Blog icon
Category: Research
Trump Campaign Site Hacked

Trump Campaign Site Hacked – What We Know & Lessons Learned

On October 27, 2020 at approximately 4:50pm Mountain Time, Donald Trump’s campaign website, www.donaldjtrump.com, was defaced.

High Severity Vulnerability Patched in Child Theme Creator by Orbisius

On September 9, 2020, our Threat Intelligence team discovered a vulnerability in Child Theme Creator by Orbisius, a WordPress plugin installed on over 30,000 sites.

Vulnerability Exposes Over 4 Million Sites Using WPBakery

On July 27th, our Threat Intelligence team discovered a vulnerability in WPBakery, a WordPress plugin installed on over 4.3 million sites.
High Severity Vulnerabilities in post grid and team showcase plugins feature image

High Severity Vulnerabilities in Post Grid and Team Showcase Plugins

On September 14, 2020, our Threat Intelligence team discovered two high severity vulnerabilities in Post Grid, a WordPress plugin with over 60,000 installations.

Critical Vulnerabilities Patched in XCloner Backup and Restore Plugin

On August 14, our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites.
High Severity Vulnerabilities Patched in Discount Rules for WooCommerce feature image

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites.
Attackers Fight for Control of Sites Compromised by File Manager Vulnerability Feature Image

Attackers Fight for Control of Sites Targeted in File Manager Vulnerability

Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites.

700,000 WordPress Users Affected by Zero-Day Vulnerability in File Manager Plugin

This morning, on September 1, 2020, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in File Manager, a WordPress plugin with over 700,000 active installations.
High Severity Vulnerability Patched in Advanced Access Manager feature image

High-Severity Vulnerability Patched in Advanced Access Manager

On August 13, 2020, the Wordfence Threat Intelligence team finished investigating two vulnerabilities in Advanced Access Manager, a WordPress plugin with over 100,000 installations, including a high-severity Authorization Bypass vulnerability that could lead to privilege escalation and site takeover.
Critical Vulnerabilities Patched in Quiz and Survey Master Plugin

Critical Vulnerabilities Patched in Quiz and Survey Master Plugin

On July 17, 2020, our Threat Intelligence team discovered two vulnerabilities in Quiz and Survey Master (QSM), a WordPress plugin installed on over 30,000 sites.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.