This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Vulnerability fixed in Jetpack 4.0.3. Severity: 6.1 (Medium)
An XSS vulnerability has been fixed in Jetpack version 4.0.3 which was released yesterday.
Vulnerability in User Role Editor – Users Can Become Admins
There is a major vulnerability in a popular plugin with over 300,000 active installs: User Role Editor 4.24 and older.
WordPress-Delivered Ransomware and Hacked Linux Distributions
In a rather unfortunate turn of events earlier this month, the Hollywood Presbyterian Medical Center was infected with ransomware.
6 Million Password Attacks in 16 Hours and How to Block Them
Last week in the President’s cyber security op-ed in the Wall Street Journal he implored Americans to move beyond simple passwords and to enable two factor authentication or cellphone sign-in.
3 Severe Plugin Vulnerabilities Fixed in the Last 24 Hours
The following three plugins contain severe vulnerabilities that have all been fixed within the past 24 hours.
WordPress 4.4.2 Security Release – Why you need to update immediately
It’s been a busy morning in WordPress security. Right after we released details of the attack platform we recently analyzed, WordPress released a security update in the form of 4.4.2.
An Attack Platform Infecting WordPress Sites
At Wordfence we frequently investigate hacked customer websites as part of an ongoing R&D effort to improve our core scanning engine.
WordPress Security January Roundup: Core XSS and 4 Plugin vulnerabilities
This has certainly been an eventful month in WordPress security. January 6th saw a WordPress core security update.
The 2015 WordPress Security Survey Results are out
To bring a close to 2015 we conducted a WordPress security survey.
Wordfence 2015 Update and Three Plugin Vulnerabilities You Should Know About
2015 is going to be an exciting year for WordPress publishers.
Breaking WordPress Security Research in your inbox as it happens.
