This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: WordPress Security
Vulnerability in Easy Forms for MailChimp 6.1.2 and older
Panagiotis Vagenas, a Wordfence Security Researcher, has discovered a reflected cross site scripting vulnerability in the Easy Forms for MailChimp plugin for WordPress.
New Vulnerability in All in One SEO Pack Plugin 2.3.7 and earlier
Yesterday morning Panagiotis Vagenas, a Wordfence Security Researcher, discovered a new vulnerability in the All in One SEO Pack WordPress plugin.
Serious Vulnerability in All in One SEO Pack Plugin 2.3.6.1 and earlier
There is a serious stored cross site scripting (XSS) vulnerability in All in One SEO Pack Plugin versions 2.3.6.1 and older.
2 Vulnerabilities in Squirrly SEO plugin 6.1.4 and older
Today the Squirrly SEO team released version 6.1.5 of their WordPress plugin, fixing two security vulnerabilities.
Vulnerability in Profile Builder plugin 2.4.0 and older
Wordfence Security Researcher Panagiotis Vagenas recently discovered a privilege escalation vulnerability in the Profile Builder WordPress plugin, which has over 40,000 active installs according to wordpress.org.
3 Vulnerabilities in WP Maintenance Mode plugin 2.0.6 and older
This morning an update to the WP Maintenance Mode plugin, version 2.0.7, was released which included fixes for 3 security vulnerabilities.
An Interview with a Wordfence Senior Security Analyst
Colette Chamberland is one of our two Senior Security Analysts who mentor and guide the rest of our team of analysts.
A Big Week for Security: Upgrade Jetpack to 4.0.4, Upgrade WordPress Core to 4.5.3.
It’s been a busy week for WordPress security. Jetpack has released a major security update with version 4.0.4 this week that fixes three vulnerabilities: a vulnerability that allowed an attacker to perform unauthorized changes to the “post by email” settings a cross site scripting (XSS) vulnerability in the Jetpack ‘Likes’ module a vulnerability that made submitted ...
8 Reasons Why You Should Choose Wordfence to Clean Your Hacked Site
At Wordfence we know you have a choice between site cleaning vendors.
Vulnerability in WordPress Core: Bypass any password protected post. CVSS Score: 7.5 (High)
The WordPress Core team have just released WordPress version 4.5.3 which is a maintenance and security release.
Breaking WordPress Security Research in your inbox as it happens.
