On June 26, 2020, our Threat Intelligence team discovered a vulnerability in The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites.
On July 23, 2020, our Threat Intelligence team discovered a vulnerability present in two themes by Elegant Themes, Divi and Extra, as well as Divi Builder, a WordPress plugin.
On July 13, 2020, our Threat Intelligence team was alerted to a recently patched vulnerability in Newsletter, a WordPress plugin with over 300,000 installations.
On June 12, 2020, Wordfence Threat Intelligence discovered an unauthenticated stored Cross-Site Scripting(XSS) vulnerability in TC Custom JavaScript, a WordPress plugin with over 10,000 installations.
On July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin installed on over 2 million sites.
On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites.
On June 24, 2020, our Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers.
Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files.
A few weeks ago, our Threat Intelligence team discovered several vulnerabilities present in Page Builder: PageLayer – Drag and Drop website builder, a WordPress plugin actively installed on over 200,000 sites.
On May 6, our Threat Intelligence team was alerted to a zero-day vulnerability present in Elementor Pro, a WordPress plugin installed on approximately 1 million sites.
Breaking WordPress Security Research in your inbox as it happens.
This site uses cookies in accordance with our Privacy Policy.
Cookie Options
For additional information on how this site uses cookies, please review our Privacy Policy. The cookies used by this site are classified into the following categories and can be configured below.
Strictly Necessary
These Cookies are necessary for the Sites and Services to work properly. They include any essential authentication and authorization cookies for the Services.
* Cookies of this category are necessary for the site to function and cannot be disabled.
Performance/Analytical
These Cookies allow us to collect certain information about how you navigate the Sites or utilize the Services running on your device. They help us understand which areas you use and what we can do to improve them.
Targeting
These Cookies are used to deliver relevant information related to the Services to an identified machine or other device (not a named or otherwise identifiable person) which has previously been used to visit our Sites. Some of these types of Cookies on our Sites are operated by third parties with our permission and are used to identify advertising sources that are effectively driving customers to our Sites.