Wordfence Research and News

Blog icon
Newest

$2,063 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Ultimate Member WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On January 30th, 2024, shortly after the launch of our second Bug Bounty Extravaganza, we received a …
Read More

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 12, 2024 to February 18, 2024)

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$1,313 Bounty Awarded for Privilege Escalation Vulnerability Patched in Academy LMS WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

SQL Injection Vulnerability Patched in RSS Aggregator by Feedzy WordPress Plugin

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 5, 2024 to February 11, 2024)

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

2023’s Critical WordPress Vulnerabilities and How They Work

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 29, 2024 to February 4, 2024)

🎉 Did you know we’re running a Bug Bounty Extravaganza again?

$1,900 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in Cookie Information | Free GDPR Consent Solution WordPress Plugin

On December 11th, 2023, during our Holiday Bug Extravaganza, we received a submission for an Arbitrary Options Update vulnerability in Cookie Information | Free GDPR Consent Solution, a WordPress plugin with more than 100,000+ active installations.

Local File Inclusion Vulnerability Patched in Shield Security WordPress Plugin

On December 18, 2023, right before the end of Holiday Bug Extravaganza, we received a submission for a Local File Inclusion vulnerability in Shield Security, a WordPress plugin with more than 50,000+ active installations.

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 22, 2024 to January 28, 2024)

🎉 Did you know we’re running a Bug Bounty Extravaganza again?