Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

This entry was posted in Research, Vulnerabilities, WordPress Security on September 17, 2020 by Ram Gall   1 Reply

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these vulnerabilities the same day. During our investigation, we also discovered a separate set of …
Read More

The Hacker Motive: What Attackers Are Doing with Your Hacked Site

This entry was posted in General Security, Wordfence, WordPress Security on September 16, 2020 by Chloe Chamberland   5 Replies

Yesterday, September 15, 2020, the Wordfence Live team covered The Hacker Motive: What Attackers Are Doing with Your Hacked Site. This companion blog post reviews the motives we discussed live during Wordfence Live and dives deeper into the minds of attackers. You can watch the video of Wordfence Live below. Timestamps You can click on …
Read More

Episode 86: War of the Hackers

This entry was posted in Podcasts on September 11, 2020 by Scott Miller   0 Replies

Millions of attacks have been targeting the recent File Manager plugin zero-day vulnerability discovered last week. Two attackers are vying for control over sites compromised through the vulnerability. A security researcher has revealed that specially crafted Windows 10 themes can be used to perform Pass-the-Hash attacks. A database belonging to the Digital Point webmaster forum …
Read More

Attackers Fight for Control of Sites Targeted in File Manager Vulnerability

This entry was posted in Research, Vulnerabilities, WordPress Security on September 10, 2020 by Ram Gall   5 Replies

Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites. By Friday, September 4, 2020, we recorded attacks on over 1.7 million sites, and by today, September 10, 2020 the total number of sites attacked has increased to over 2.6 million. We’ve seen evidence of multiple threat actors …
Read More

Millions of Sites Targeted in File Manager Vulnerability Attacks

This entry was posted in Vulnerabilities, WordPress Security on September 04, 2020 by Ram Gall   13 Replies

The Wordfence Threat Intelligence team is seeing a dramatic increase in attacks targeting the recent 0-day in the WordPress File Manager plugin. This plugin is installed on over 700,000 WordPress websites, and we estimate that 37.4% or 261,800 websites are still running vulnerable versions of this plugin at the time of this publication. Attacks are …
Read More

Episode 85: 0Day in File Manager Plugin and WordPress 5.5.1 Fixes Broken Sites

This entry was posted in Podcasts on September 04, 2020 by Scott Miller   0 Replies

Over 700,000 WordPress users were affected by a zero-day vulnerability in the File Manager plugin, and the WordPress 5.5.1 release fixed millions of sites affected by deprecation of jQuery Migrate. SendGrid is under siege from spammers using hacked accounts, and Apple approves a notorious malware variant to run on Macs. Here are timestamps and links …
Read More

700,000 WordPress Users Affected by Zero-Day Vulnerability in File Manager Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on September 01, 2020 by Chloe Chamberland   16 Replies

This morning, on September 1, 2020, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in File Manager, a WordPress plugin with over 700,000 active installations. This vulnerability allowed unauthenticated users to execute commands and upload malicious files on a target site. A patch was released this morning …
Read More

Episode 84: Google Chrome Plans to Implement Insecure Form Warnings

This entry was posted in Podcasts on August 28, 2020 by Scott Miller   0 Replies

The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, which has been fixed in Chrome version 85. Google also announced that Chrome 86 will alert users if a form submission is using the insecure HTTP protocol, making it a good time to audit older sites that may …
Read More

Episode 83: 100,000 Sites Impacted by Vulnerabilities in Advanced Access Manager

This entry was posted in Podcasts on August 21, 2020 by Scott Miller   0 Replies

The Wordfence Threat Intelligence team discovered vulnerabilities in the Advanced Access Manager plugin installed on over 100,000 WordPress sites. A high severity authorization bypass could lead to privilege escalation and site takeover. Critical vulnerabilities found in the Quiz and Survey Master plugin could also lead to site takeover on the 30,000 WP sites using the …
Read More

High-Severity Vulnerability Patched in Advanced Access Manager

This entry was posted in Research, Vulnerabilities, WordPress Security on August 20, 2020 by Ram Gall   2 Replies

On August 13, 2020, the Wordfence Threat Intelligence team finished investigating two vulnerabilities in Advanced Access Manager, a WordPress plugin with over 100,000 installations, including a high-severity Authorization Bypass vulnerability that could lead to privilege escalation and site takeover. We reached out to the plugin’s author the next day, on August 14, 2020, and received …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates