This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: WordPress Security
Ask Wordfence: Should I Permanently Block IPs That I See Wordfence Blocking?
This is the fifth installment in a new series we started last month called Ask Wordfence.
Your Site Reputation Makes You a Target
I’ve mentioned Troy Hunt a few times on this blog. He’s one of the good guys in our industry and runs a website called haveibeenpwned.com.
Ask Wordfence: How to Limit Security Risks From Plugins
This is the fourth installment in a new series we started last month.
The October 2017 WordPress Attack Report
This month’s WordPress Attack Report is a continuation of a series we have been publishing since December 2016.
Cryptocurrency Miners Exploiting WordPress Sites
During the last month, the information security media has paid a lot of attention to cryptocurrency mining malware.
Ask Wordfence Episode 3: Should You Hide Your WordPress Login Page?
In today’s episode of Ask Wordfence, I answer a common question we receive from customers: Should I hide my WordPress login page?
Zero Day Vulnerability Fixed in Ultimate Form Builder Lite
Last month, we identified three plugins with critical object injection vulnerabilities, all being exploited in the wild.
New Attacker Scanning for SSH Private Keys on Websites
Wordfence is seeing a significant spike in SSH private key scanning activity.
12.8% of Sites Have Sensitive File Disclosure Vulnerabilities
As you probably know we launched Gravityscan this May. Gravityscan is a security scanner for any website that serves as a great complement to Wordfence.
Postman SMTP Plugin With Unpatched Vulnerability Removed From Directory
We have received a number of questions regarding the Postman SMTP plugin which was removed from the WordPress.org directory this week.
Breaking WordPress Security Research in your inbox as it happens.
