Wordfence Research and News

Category: Vulnerabilities

Postman SMTP Plugin With Unpatched Vulnerability Removed From Directory

We have received a number of questions regarding the Postman SMTP plugin, which was removed from the WordPress.org directory this week.

3 Zero-Day Plugin Vulnerabilities Being Exploited In The Wild

As part of our site cleaning service, our security analysts track down the method the attacker used to compromise the site.

XSS Vulnerability in WooCommerce Product Vendors Plugin

A reflected cross-site scripting vulnerability has been reported in a premium WordPress plugin for WooCommerce known as the ‘Product Vendors’ plugin.

TrafficTrade Infection Spreading – How to Protect Yourself and Detect TrafficTrade

We have seen a significant increase in the number of websites affected by malware we refer to as ‘TrafficTrade’.

WSO Shell: The Hack Is Coming From Inside The House!

Imagine that one day you discover that a burglar has broken into your home and attempted to make off with your big-screen TV. 

WordPress 4.7.3 Security Release – Upgrade ASAP

WordPress 4.7.3 has just been released. It is the third in a series of recent security releases for WordPress core.

Rapid Growth in Defacements, Who was Hit, Who is Attacking

Yesterday we published numbers indicating the scale of the defacement campaign targeting the REST-API vulnerability recently fixed in WordPress 4.7.2.

A Feeding Frenzy to Deface WordPress Sites

In this report we share data on the ongoing flood of WordPress REST-API exploits we are seeing in the wild.

WordPress 4.7.1 Security Release with PHPMailer Fix

WordPress 4.7.1 was released on Wednesday. It contains 8 security fixes including a fix for the PHPMailer issue, which we reported on in late December.

Critical Vulnerability in PHPMailer. Affects WP Core.

A critical remote code execution vulnerability in PHPMailer has been discovered by Polish researcher Dawid Golunski.