This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: WordPress Security
The June 2017 WordPress Attack Report
Today’s post is a continuation of the WordPress Attack Report series we’ve been publishing since December 2016.
The WPSetup Attack: New Campaign Targets Fresh WordPress Installs
At Wordfence, we track millions of attacks from a wide variety of sources every day.
Vulnerability Roundup: 3 Vulnerable WP Plugins and Update Your Joomla
It’s been a tough week for the WP Statistics plugin. Last Friday, Sucuri (now owned by GoDaddy) discovered a SQL injection vulnerability in the WP Statistics plugin version 12.0.7 and older.
WSO Shell: The Hack Is Coming From Inside The House!
Imagine that one day you discover that a burglar has broken into your home and attempted to make off with your big-screen TV.
New in Wordfence 6.3.11: Abandoned and Removed Plugin Alerts
On Thursday of last week, we released Wordfence 6.3.11 which included a really exciting new feature: we are now alerting you if you are running a plugin that either appears to be abandoned or has been removed from the WordPress.org plugin directory.
Home Router Botnet Resumes Attacks
Yesterday at 7pm UTC (noon PDT) we saw the volume of brute force attacks on the WordPress sites that we protect more than double from the average for the previous 24 hours.
WordPress Backups Are Critical to Your Security Strategy
On this blog, we often talk about employing a “defense in depth” approach to WordPress security.
The May 2017 WordPress Attack Report
Today’s post is a continuation of the WordPress Attack Report series we’ve been publishing since December 2016.
7 Popular WordPress Security Myths
Because of its incredible popularity as a platform, WordPress enjoys a sizable, generous community of users that spend their time sharing information, resources, tips and insights with other WordPress users online.
Wordfence Launches WordPress Security Audit Service
This morning I am very excited to announce that Wordfence is officially launching a WordPress Security Audit service.
Breaking WordPress Security Research in your inbox as it happens.
