This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: WordPress Security
Wordfence Intelligence: Because Community Created Vulnerabilities Are Community Property
Last August, at Black Hat 2022 in Las Vegas, we launched Wordfence Intelligence, a product designed to provide large enterprise customers with rich IP threat data, malware signatures, malware hashes, and vulnerability data to help keep enterprise customers and networks secure.
Wordfence Intelligence Weekly WordPress Vulnerability Report (Feb 20, 2023 to Feb 26, 2023)
Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition.
All In One SEO Pack Vulnerabilities Impacting 3 Million Sites Patched
On January 26, 2023, the Wordfence Team responsibly disclosed two vulnerabilities in All In One SEO Pack, a WordPress plugin installed on over 3 Million sites which provides search engine optimization tools designed to help content creators optimize their sites and reach more users.
Wordfence Intelligence CE Weekly Vulnerability Report (Feb 13, 2023 to Feb 19, 2023)
Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition.
Authorization vs. Intent: Why You Should Always Verify Both
The Wordfence Threat Intelligence team has observed a recent increase in the number of partial vulnerability patches that don’t properly address separate underlying issues.
Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)
In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition.
Wordfence Intelligence CE Weekly Vulnerability Report (1-30-2023 to 2-5-2023)
In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme and, plugin vulnerabilities known as Wordfence Intelligence Community Edition.
High-Severity XSS Vulnerability in Metform Elementor Contact Form Builder
On January 4, 2023, independent security researcher Mohammed Chemouri reached out to the Wordfence Vulnerability Disclosure program to responsibly disclose and request a CVE ID for a vulnerability in Metform Elementor Contact Form Builder, a WordPress plugin with over 100,000 installations.
Multiple Vulnerabilities Patched in Quick Restaurant Menu Plugin
On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites.
The Wordfence 2022 State of WordPress Security Report
Today, the Wordfence Threat Intelligence team is releasing our 2022 State of WordPress Security Report as a free White Paper.
Breaking WordPress Security Research in your inbox as it happens.
