This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: Vulnerabilities
6,000 WordPress Sites Affected by Unauthenticated Critical Vulnerability in WP Job Portal WordPress Plugin
On August 7th, 2024, we received a submission for an unauthenticated Local File Inclusion, Arbitrary Settings Update, and User Creation vulnerability in WP Job Portal, a WordPress plugin with more than 6,000 active installations.
1,000,000 WordPress Sites Protected Against Unique Remote Code Execution Vulnerability in WPML WordPress Plugin
On June 19th, 2024, we received a submission for a Remote Code Execution via Twig Server-Side Template Injection vulnerability in WPML, a WordPress plugin with more than 1,000,000 active installations.
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 12, 2024 to August 18, 2024)
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
10,000 WordPress Sites Affected by Arbitrary File Read and Delete Vulnerability in InPost PL and InPost for WooCommerce WordPress Plugins
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 5, 2024 to August 11, 2024)
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
5,000 WordPress Sites Affected by Unauthenticated Remote Code Execution Vulnerability in JS Help Desk WordPress Plugin
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 29, 2024 to August 4, 2024)
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 22, 2024 to July 28, 2024)
đĸ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?
Over 8,000 Exploit Attempts Already Blocked For Recently Patched Unauthenticated Arbitrary File Upload Vulnerability in įŽæ°ééå¨ (Keydatas) WordPress Plugin
On June 18th, 2024, during the 0-day Threat Hunt Promo of our Bug Bounty Program, we received a submission for an Unauthenticated Arbitrary File Upload vulnerability in įŽæ°ééå¨ (Keydatas), a WordPress plugin with more than 5,000 active installations.
Breaking WordPress Security Research in your inbox as it happens.
