Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Mark Maunder

Wordfence Blog

Podcast Episode 5: The Raquel Landefeld Interview & The Pipdig Story

This entry was posted in Podcasts on April 02, 2019 by Mark Maunder   2 Replies

This week I chat about the Pipdig controversy in full with Mikey Veenstra and Kathy Zant. Kathy and I cover the news. And we have an amazing interview with Raquel Landefeld who is a community organizer for WordPress, co-founder of agency Mode Effect and a well known and loved personality in the WordPress community. Raquel …
Read More

Podcast Episode 4: The Aaron Campbell Interview and the Social Warfare Saga

This entry was posted in Podcasts on March 26, 2019 by Mark Maunder   1 Reply

This week we have an update on the Social Warfare plugin vulnerability, how it was more serious than originally thought, and a feud that has broken out between a security researcher and forum moderators. We also have some interesting data on how WordPress will become more secure soon with code signing. And along with several …
Read More

Podcast Episode 3: The Cory Miller Interview and Active Exploits Target Easy WP SMTP Plugin

This entry was posted in Podcasts on March 21, 2019 by Mark Maunder   2 Replies

 Welcome to Think Like a Hacker, Episode 3. In this episode Mikey Veenstra, a threat analyst at Wordfence, discusses an active exploit in the Easy WP SMTP plugin. This is breaking news which we added to the podcast at the very last minute. We also chat with Cory Miller, the founder and former CEO …
Read More

Podcast Episode 2: Mikey Veenstra Talks XSS Vulnerability + The Adam Warner Interview

This entry was posted in Podcasts on March 12, 2019 by Mark Maunder   1 Reply

Welcome to Think Like a Hacker, Episode 2. In this episode Mikey Veenstra, a threat analyst at Wordfence, discusses a serious XSS vulnerability in an abandoned cart plugin. We also chat with Adam Warner, a well known figure in the WordPress community. In our interview we chat about Adam’s personal WordPress journey, community engagement success …
Read More

Think Like a Hacker Podcast Episode 1: An Interview with Josepha Haden

This entry was posted in Podcasts on March 07, 2019 by Mark Maunder   30 Replies

Josepha Haden is the Executive Director of the WordPress project at Automattic. She oversees and directs all contributor teams in their work to build and maintain WordPress. Josepha can be found at https://josepha.blog. In our news segment, we talk about recent vulnerabilities in the Freemius library affecting WordPress plugins, the CoinHive shutdown, and why potential …
Read More

Live Event: Wordfence Central Official Launch and Demo

This entry was posted in Ask Wordfence, Learning, Wordfence on February 06, 2019 by Mark Maunder   5 Replies

Today we are very excited to announce the launch of Wordfence Central. Our team has been working hard for almost a year on this ground-breaking project. Wordfence Central gives you the power of a security events and information manager for WordPress. Join me for a live event starting at 8am Pacific time, 11am EST where …
Read More

WordCamp US Recap

This entry was posted in Miscellaneous on December 13, 2018 by Mark Maunder   6 Replies

WordCamp US was held in Nashville, Tennessee this year. We sponsored the event, had a booth and of course provided lock picking lessons, as has become our tradition at WordCamps. Our goal is to get you to think like a hacker, so that you can better secure your sites. Picking a lock really gets you …
Read More

How We Think About WordPress Security and Research

This entry was posted in General Security, Wordfence, WordPress Security on December 10, 2018 by Mark Maunder   3 Replies

This weekend I had a really fun conversation with Doc Pop from Torque Magazine. Torque is a great news source for WordPress news. They are part of WP Engine, but maintain editorial independence. I chatted with Doc in Nashville, in the Music City Center where WordCamp US was being held. Music City Center is an …
Read More

WordPress 5.0: How and When to Update

This entry was posted in Miscellaneous on December 05, 2018 by Mark Maunder   50 Replies

WordPress 5.0 is being released tomorrow, December 6th. This release contains a major change to the WordPress editor. The new editor, code-named Gutenberg, is a substantial leap forward in functionality. It uses a new block-based system for editing which allows you to embed a wide range of content in your posts and pages, and gives …
Read More

Using PHP 5 Becomes Dangerous in 2 Months

This entry was posted in General Security, WordPress Security on October 30, 2018 by Mark Maunder   0 Replies

WordPress, Joomla, Drupal and many other popular website CMSs were written in a programming language called PHP. PHP version 5 is about to reach end-of-life and will stop receiving security updates in two months. Many WordPress and other PHP websites remain on version 5.6 or older. Once support for PHP 5 ends in two months, …
Read More

Follow Us


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 100 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates