Wordfence Research and News

Category: Vulnerabilities

Duplicator Update Patches Remote Code Execution Flaw

A critical remote code execution (RCE) vulnerability has been patched in the latest release of Duplicator, a WordPress backup and migration plugin with millions of downloads.

Ninja Forms Security Updates: What You Need To Know

Yesterday, the popular WordPress plugin Ninja Forms released version 3.3.14, which disclosed and patched two security issues present in the plugin.

Details of an Additional File Deletion Vulnerability – Patched in WordPress 4.9.7

Today WordPress released version 4.9.7, a security release which addresses two separate arbitrary file deletion vulnerabilities requiring Author privileges.

Arbitrary File Deletion Flaw Present in WordPress Core

The security community has been abuzz this week following the disclosure of a vulnerability present in all current versions of WordPress.

Service Vulnerability: MelbourneIT Fixes NFS Permissions Problem

In February, we wrote about a vulnerability on three shared hosting services. 

Service Vulnerabilities: 3 Hosting Companies Fix NFS Permissions Problem

In mid-December we updated our Vulnerability Disclosure Policy to include Service Vulnerabilities.

New Service Vulnerability Disclosure Policy

The Wordfence team regularly discovers security issues with commercial services, such as WordPress hosting providers, that put their users at risk.

Vulnerabilities in Formidable Forms, Duplicator and Yoast SEO Plugins

Vulnerabilities have been reported in the Formidable Forms, Duplicator and Yoast SEO WordPress plugins.

Zero Day Vulnerability Fixed in Ultimate Form Builder Lite

Last month, we identified three plugins with critical object injection vulnerabilities, all being exploited in the wild.

12.8% of Sites Have Sensitive File Disclosure Vulnerabilities

As you probably know, we launched Gravityscan this May. Gravityscan is a security scanner for any website that serves as a great complement to Wordfence.