Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

Nulled WordPress Plugins – Dangers and Downsides

This entry was posted in General Security, WordPress Security on July 21, 2021 by Ram Gall   7 Replies

In our 2020 Threat Report, the Wordfence Threat Intelligence Team identified malware distributed via nulled, pirated, or counterfeit plugins and themes as one of the largest threats facing the WordPress ecosystem. Many site owners are unaware of the risks associated with using nulled plugins, and in many cases, they may not even be aware that …
Read More

Episode 125: Critical SQL Injection Vulnerability Patched in WooCommerce

This entry was posted in Podcasts on July 16, 2021 by Ram Gall   0 Replies

A critical SQL injection vulnerability was discovered in WooCommerce, the most popular e-Commerce plugin used by over 5 million WordPress sites. The WordPress.org team pushed a forced security update ensuring that over 90 versions of WooCommerce were patched. The REvil ransomware gang targeted a zero-day vulnerability in Kaseya, used by many in the banking industry, …
Read More

Critical SQL Injection Vulnerability Patched in WooCommerce

This entry was posted in Vulnerabilities, WordPress Security on July 15, 2021 by Ram Gall   15 Replies

Update: The article originally credited Tommy DeVoss (dawgyg) for the discovery. We’ve since been contacted by Tommy, who let us know that the credit should go to another researcher, Josh from DOS (Development Operations Security) On July 14, 2021, WooCommerce released an emergency patch for a SQL Injection vulnerability reported by a security researcher, Josh …
Read More

Common WordPress Vulnerabilities and Prevention Through Secure Coding Best Practices

This entry was posted in General Security, Vulnerabilities, WordPress Security on July 13, 2021 by Chloe Chamberland   4 Replies

WordPress has experienced exponential growth in the past several years and now holds over 42% of the CMS market share for all major sites. There are over 50,000 plugins available to download in the WordPress repository. That does not include the thousands of premium or open source plugins available outside of the repository, along with …
Read More

Episode 124: PrintNightmare 0Day Exploit Accidentally Leaked Online

This entry was posted in Podcasts on July 02, 2021 by Kathy Zant   2 Replies

Security researchers accidentally leaked zero-day exploit code for a new Windows bug, now called PrintNightmare, while easily exploitable vulnerabilities in the ProfilePress plugin, previously called WP User Avatar, were patched quickly. An unprotected cloud database containing over 814 million DreamHost user records was found online. Google Chrome is getting a HTTPS-only feature in an upcoming …
Read More

Easily Exploitable Critical Vulnerabilities Patched in ProfilePress Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on June 28, 2021 by Chloe Chamberland   9 Replies

On May 27, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for several vulnerabilities that were discovered in ProfilePress, formerly WP User Avatar, a WordPress plugin installed on over 400,000 sites. These flaws made it possible for an attacker to upload arbitrary files to a vulnerable site and register as an administrator …
Read More

Episode 123: Over 30 Million Dell Devices at Risk for Remote BIOS Attacks

This entry was posted in Podcasts on June 24, 2021 by Ram Gall   0 Replies

Over 30 million Dell devices are at risk for remote BIOS attacks due to four separate security bugs, which can have far reaching effects for enterprise organizations heavily invested in Dell devices. VMware Carbon Black App Control has been updated this week to fix a critical-severity vulnerability that allows authentication bypass. Antivirus creator John McAfee …
Read More

Episode 122: Largest Password Dump in History Fuels Credential Stuffing Extravaganza

This entry was posted in Podcasts on June 18, 2021 by Ram Gall   2 Replies

Sites running Jetpack are being infected via compromised WordPress.com credentials. The largest password dump ever with 8.4 billion passwords is used in credential stuffing attacks. Wordfence Threat Intelligence discloses new plugin vulnerabilities as well as a vulnerability at tsoHost. Data Breaches impact VW and EA, REvil compromises a nuclear weapons contractor, and TurboTax accounts are …
Read More

Service Vulnerabilities: Shared Hosting Symlink Security Issue Still Widely Exploited on Unpatched Servers

This entry was posted in Research, Vulnerabilities, WordPress Security on June 17, 2021 by Charles Strader Sweethill   6 Replies

The Wordfence site cleaning team helps numerous customers recover from malware infections and site intrusions. While doing so, Wordfence Security Analysts perform a detailed forensic investigation in order to determine how the site was compromised by attackers. In a set of recent cases, we were able to identify a service vulnerability allowing malicious attackers to …
Read More

Cross-Site Request Forgery Patched in WP Fluent Forms

This entry was posted in Research, Vulnerabilities, WordPress Security on June 16, 2021 by Ram Gall   0 Replies

On March 2, 2021, the Wordfence Threat Intelligence team responsibly disclosed a Cross-Site Request Forgery(CSRF) vulnerability in WP Fluent Forms, a WordPress plugin installed on over 80,000 sites. This vulnerability also allowed a stored Cross-Site Scripting(XSS) attack which, if successfully exploited, could be used to take over a site. We reached out to the plugin …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 200 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates