Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

Podcast 117: Cyber Attack on Colonial Pipeline Affects Fuel Availability in 17 States

This entry was posted in Podcasts on May 14, 2021 by Kathy Zant   0 Replies

A ransomware attack on Colonial Pipeline affected fuel availability in 17 southeastern US states, and Bloomberg reported that Colonial Pipeline paid $5 million to DarkSide, a Russian ransomware service provider. The Biden Administration issued an executive order to increase US cybersecurity defenses. WordPress 5.7.2 was released to patch a critical object injection vulnerability in PHPMailer. …
Read More

WordPress 5.7.2 Security Release: What You Need to Know

This entry was posted in Vulnerabilities, WordPress Security on May 13, 2021 by Ram Gall   7 Replies

On May 13, 2021 01:00 UTC, WordPress core released a security patch for a Critical Object Injection vulnerability in PHPMailer, the component that WordPress uses to send emails by default. If your site is set to allow auto updating of minor point releases, your site has probably already updated to WordPress 5.7.2. While we do …
Read More

Critical Vulnerability Patched in External Media Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on May 13, 2021 by Chloe Chamberland   1 Reply

On February 2, 2021, our Threat Intelligence team responsibly disclosed the details of a vulnerability in External Media, a WordPress plugin used by over 8,000 sites. This flaw made it possible for authenticated users, such as subscribers, to upload arbitrary files on any site running the plugin. This vulnerability could be used to achieve remote …
Read More

Episode 116: Packagist Patch Shows How Supply Chain Threats Could Impact WordPress

This entry was posted in Podcasts on May 06, 2021 by Ram Gall   0 Replies

A vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to trick Composer into downloading backdoored source code, potentially affecting all WordPress sites. Packagist reports that it’s not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over …
Read More

SQL Injection Vulnerability Patched in CleanTalk AntiSpam Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on May 03, 2021 by Ram Gall   0 Replies

On March 4, 2021, the Wordfence Threat Intelligence team initiated responsible disclosure for a Time-Based Blind SQL Injection vulnerability discovered in Spam protection, AntiSpam, FireWall by CleanTalk, a WordPress plugin installed on over 100,000 sites. This vulnerability could be used to extract sensitive information from a site’s database, including user emails and password hashes, all …
Read More

Episode 115: Update Your Mac: Gatekeeper Bypass Vulnerability Exploited in the Wild

This entry was posted in Podcasts on April 30, 2021 by Ram Gall   0 Replies

Apple patches a gatekeeper bypass vulnerability that has been exploited in the wild on MacOS. Though this vulnerability requires some social engineering to exploit, it is believed to have been actively exploited since January 9, 2021. Some Digital Ocean customers were affected by a data breach exposing personally identifiable information. A WordPress trac conversation considers …
Read More

Severe Unpatched Vulnerabilities Leads to Closure of Store Locator Plus Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on April 26, 2021 by Chloe Chamberland   2 Replies

On March 5, 2021, the Wordfence Threat Intelligence team wrapped up an investigation that led to the discovery of a privilege escalation vulnerability along with several additional vulnerabilities in Store Locator Plus, a WordPress plugin installed on over 9,000 sites. We initially reached out to the plugin’s developer on March 5, 2021. We received no …
Read More

Episode 114: Trifecta of Compromises Affect Enterprise Systems

This entry was posted in Podcasts on April 23, 2021 by Kathy Zant   0 Replies

Attacks on unpatched SolarWinds systems continue. We’re now learning of a supply chain attack that started in late January 2021 affecting 29,000 customers of Codecov, as well as a zero-day under active attack affecting customers of PulseSecure VPN. Customers of these three services are well known enterprise and government organizations. In the WordPress space, there …
Read More

PSA: Remove Kaswara Modern WPBakery Page Builder Addons Plugin Immediately

This entry was posted in Research, Vulnerabilities, WordPress Security on April 21, 2021 by Chloe Chamberland   13 Replies

Today, April 21, 2021, the Wordfence Threat Intelligence team became aware of a critical 0-day vulnerability that is being actively exploited in Kaswara Modern WPBakery Page Builder Addons, a premium plugin that we estimate has over 10,000 installations. This vulnerability was reported this morning to WPScan by “Robin Goodfellow.” The exploited flaw makes it possible …
Read More

Severe Vulnerabilities Patched in Redirection for Contact Form 7 Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on April 20, 2021 by Chloe Chamberland   6 Replies

On February 11, 2021, our Threat Intelligence team responsibly disclosed several vulnerabilities in Redirection for Contact Form 7, a WordPress plugin used by over 200,000 sites. One of these flaws made it possible for unauthenticated attackers to generate arbitrary nonces for any function. The second flaw made it possible for authenticated attackers to install arbitrary …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates