Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: James

Wordfence Blog

Zero-Day Vulnerability in Yellow Pencil Visual Theme Customizer Exploited in the Wild

This entry was posted in Vulnerabilities, WordPress Security on April 11, 2019 by James   5 Replies

On Monday the WordPress plugin Yellow Pencil Visual Theme Customizer was closed in the WordPress.org plugin repository. The plugin is quite popular, with an active install base of over 30,000 websites. On Tuesday a security researcher made the irresponsible and dangerous decision to publish a blog post including a proof of concept (POC) detailing how …
Read More

Reminder: Popular Browsers To Distrust Symantec SSL/TLS Certificates Starting In October

This entry was posted in General Security on September 13, 2018 by James   7 Replies

This is a final reminder that legacy TLS certificates issued by Symantec, including those issued by authorities like Thawte, Geotrust, and RapidSSL which used Symantec as a central authority, will be distrusted by both Google Chrome and Mozilla Firefox¬†beginning in October. Apple products have partially distrusted these certificates and plan to also distrust the full …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 100 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates