Wordfence Research and News

Blog icon
Category: Vulnerabilities

Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution

🎁 Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza!

Earn up to $10,000 for Vulnerabilities in WordPress Software – 6X Rewards in the Wordfence Holiday Bug Extravaganza!

At Wordfence our mission is to Secure The Web. WordPress powers over 40% of the Web, and Wordfence secures over 4 million WordPress websites.

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 20, 2023 to November 26, 2023)

🎉Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus.

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 13, 2023 to November 19, 2023)

🎉Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus.

Several Critical Vulnerabilities including Privilege Escalation, Authentication Bypass, and More Patched in UserPro WordPress Plugin

On May 1, 2023, the Wordfence Threat Intelligence team began the responsible disclosure process for multiple high and critical severity vulnerabilities we discovered in Kirotech’s UserPro plugin, which is actively installed on more than 20,000 WordPress websites.

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 6, 2023 to November 12, 2023)

🎉Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus.

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 30, 2023 to November 5, 2023)

🎉Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus.

Wordfence Launches Bug Bounty Program to Fund WordPress Security Research and Showcase Researchers

At Defiant Inc and Wordfence, our mission is to Secure the Web.

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 16, 2023 to October 22, 2023)

Last week, there were 109 vulnerabilities disclosed in 95 WordPress Plugins and 1 WordPress theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 39 Vulnerability Researchers that contributed to WordPress Security last week.
Several Critical Vulnerabilities Patched in AI ChatBot Plugin for WordPress

Several Critical Vulnerabilities Patched in AI ChatBot Plugin for WordPress

On September 28, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for multiple vulnerabilities in AI ChatBot, a WordPress plugin with over 4,000 active installations.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.