Wordfence Research and News

Category: Vulnerabilities

Avoid Malware Scanners That Use Insecure Hashing

In this post I’m going to discuss a major problem that exists with several WordPress malware scanners: the use of weak hashing algorithms for good and bad file identification.

Top 50 Most Attacked WordPress Plugins This Week

Last week we shared the top 20 most attacked WordPress themes and an explanation of why many of them are targeted.

This Week’s Top 20 Attacked Themes and Who is Attacking Them

Today we’re publishing statistics on the attacks we are seeing on themes across the WordPress ecosystem.

Profile of a Russian Attack IP

At Wordfence we track attacks across all our customer sites, both free and paid, to learn more about attacker tactics, techniques and procedures (TTPs).

Vulnerability Roundup for Thursday July 28th

This is a roundup of recent vulnerabilities in WordPress plugins that you should be aware of.

Vulnerability in Easy Forms for MailChimp 6.1.2 and older

Panagiotis Vagenas, a Wordfence Security Researcher, has discovered a reflected cross-site scripting vulnerability in the Easy Forms for MailChimp plugin for WordPress.

New Vulnerability in All in One SEO Pack Plugin 2.3.7 and earlier

Yesterday morning Panagiotis Vagenas, a Wordfence Security Researcher, discovered a new vulnerability in the All in One SEO Pack WordPress plugin.

Serious Vulnerability in All in One SEO Pack Plugin 2.3.6.1 and earlier

There is a serious stored cross-site scripting (XSS) vulnerability in All in One SEO Pack Plugin versions 2.3.6.1 and older.

2 Vulnerabilities in Squirrly SEO plugin 6.1.4 and older

Today the Squirrly SEO team released version 6.1.5 of their WordPress plugin, fixing two security vulnerabilities.

Vulnerability in Profile Builder plugin 2.4.0 and older

Wordfence Security Researcher Panagiotis Vagenas recently discovered a privilege escalation vulnerability in the Profile Builder WordPress plugin, which has over 40,000 active installs according to wordpress.org.