Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Author Archive: Dan Moen

Vulnerability in Easy Forms for MailChimp 6.1.2 and older

This entry was posted in Vulnerabilities, WordPress Security on July 28, 2016 by Dan Moen

Panagiotis Vagenas, a Wordfence Security Researcher, has discovered a reflected cross-site scripting vulnerability in the Easy Forms for MailChimp plugin for WordPress. There are over 40,000 active installations according to wordpress.org. We shared the details of the vulnerability with the author on Monday and they released version 6.1.3 on Tuesday, which includes a fix for the vulnerability.

New Vulnerability in All in One SEO Pack Plugin 2.3.7 and earlier

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on July 13, 2016 by Dan Moen

Yesterday morning Panagiotis Vagenas, a Wordfence Security Researcher, discovered a new vulnerability in the All in One SEO Pack WordPress plugin. This is in addition to another serious vulnerability we wrote about yesterday morning in the same plugin.

2 Vulnerabilities in Squirrly SEO plugin 6.1.4 and older

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on July 11, 2016 by Dan Moen

Today the Squirrly SEO team released version 6.1.5 of their WordPress plugin, fixing two security vulnerabilities. The plugin has over 20,000 active users according to wordpress.org. Panagiotis Vagenas, Security Analyst here at Wordfence, discovered the vulnerabilities. Details were shared with the author and firewall rules were added to the Wordfence Threat Defense Feed on Friday. The path traversal and privilege escalation vulnerabilities impact versions 6.1.4 and older.

Vulnerability in Profile Builder plugin 2.4.0 and older

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on July 7, 2016 by Dan Moen

Wordfence Security Researcher Panagiotis Vagenas recently discovered a privilege escalation vulnerability in the Profile Builder WordPress plugin, which has over 40,000 active installs according to wordpress.org. We shared the details of the vulnerability with the author yesterday and added a firewall rule to our Threat Defense Feed. The author released version 2.4.1 today which fixes the vulnerability.

3 Vulnerabilities in WP Maintenance Mode plugin 2.0.6 and older

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on July 6, 2016 by Dan Moen

This morning an update to the WP Maintenance Mode plugin, version 2.0.7, was released which included fixes for 3 security vulnerabilities. According to wordpress.org the plugin is very popular, with over 400,000 active users. The vulnerabilities were discovered by Sean Murphy, Sr. Developer at Wordfence, and we notified the plugin author last week. A firewall rule was added to the Threat Defense Feed at the time of author notification.

Vulnerability in EWWW Image Optimizer plugin. Severity 9.6 (Critical)

This entry was posted in Vulnerabilities, WordPress Security on June 9, 2016 by Dan Moen

We disclosed a critical remote code execution vulnerability in the EWWW Image Optimizer plugin to the author yesterday morning. He responded very quickly and published a fix this morning. The plugin is very popular with over 300,000 active installs, according to wordpress.org.

3 Plugin Vulnerabilities Disclosed Yesterday

This entry was posted in Vulnerabilities, WordPress Security on May 24, 2016 by Dan Moen

We disclosed three plugin vulnerabilities yesterday that we'd like to bring to your attention.

What Hackers Do With Compromised WordPress Sites

This entry was posted in Learning, Research, WordPress Security on April 19, 2016 by Dan Moen

We often talk to site owners who are surprised that their sites are targeted by attackers. Most of them assume that if there isn't any juicy data to steal, like credit card numbers, compromising their site is a worthless exercise. Unfortunately they are wrong. Aside from data, a compromised site's visitors can be monetized in various malicious ways. The web server can be used to run malicious software and host content, and the reputation of the domain name and IP address can be leveraged.

How Attackers Gain Access to WordPress Sites

This entry was posted in General Security, Learning, Research on March 23, 2016 by Dan Moen

On this blog we write a lot about different vulnerabilities that could lead to site compromise. In our Learning Center we go deep on a myriad of important topics related to WordPress security. Our handy checklist, for example, includes 42 items you really should be paying attention to. But surely not all 42 items are equally important, right? In today's post we dive into some very interesting data we gathered a couple of weeks ago in a survey, letting the facts tell us what matters most.

Hacked Sites Suffer Long Term Search Ranking Penalties

This entry was posted in Learning, Research, SEO, WordPress Security on March 16, 2016 by Dan Moen

During our research into what the WordPress community knows about hacked websites, we discovered that there is very little data available on the subject. We decided to conduct a survey, inviting a portion of our community to participate.
