This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: WordPress Security
Large distributed brute force attack underway at 40,000 attacks per minute
We’re seeing an unusually large WordPress attack underway – as you can see it triggered our automated alerting system which posted to Facebook and Twitter.
[WordPress Security] Vulnerabilities in BuddyPress, Better WP Security, WP Cron Dashboard and more.
This went out on our WordPress Security mailing list a few minutes ago: We are now seeing exploits for the following vulnerabilities in the wild.
Large distributed brute force attack underway
Update at 10am EST, Feb 11th: The attack appears to be abating with brief spikes in activity.
How to Secure Your Upload Scripts and How Hackers use Google to find Vulnerable Sites.
This week we’ve seen two new exploits hit the wild, one in the Ghost commercial theme and another in WP-Mailinglist.
About to choose GoDaddy for WordPress hosting? Read this.
In dealing with a support issue with one of our customers (now resolved) I realized that when you set up your WordPress site, you get to choose between a Windows web server and a Linux web server.
How referrer spam affects search engine rankings
A question I receive fairly often is: Wordfence ran a scan on my site and found a known malicious URL in one of my files.
Three new WordPress Plugin Vulnerabilities and what to do about them
The Plugin Complete Gallery Manager 3.3.3 contains a remotely exploitable file upload vulnerability.
What to do when popular plugins or themes contain malicious URLs.
A couple of weeks ago a popular theme started showing up in Wordfence scans as containing a malicious URL.
Why is Wordfence flagging a popular theme or plugin as containing malware?
A couple of weeks ago a popular theme started showing up in Wordfence scans as containing a malcious URL.
The other reason you want to enforce strong passwords for your users
In a conversation I was having recently with a cryptography enthusiast I was reminded of a very important reason you may want to enforce strong/complex passwords on your website.
Breaking WordPress Security Research in your inbox as it happens.
