
Author Archive: Ram Gall

Wordfence Blog

PHP 8: What WordPress Users Need to Know

This entry was posted in WordPress Security on November 23, 2020 by Ram Gall | 14 Replies

PHP 8.0 is set to be released on November 26, 2020. As the programming language powering WordPress sites, PHP’s latest version offers new features that developers will find useful and improvements that promise to greatly enhance security and performance in the long run. It also fully removes a number of previously deprecated functions. PHP 8 …

Episode 96: Hosting Provider Failures and Incident Response Preparedness

This entry was posted in Podcasts on November 20, 2020 by Ram Gall | 0 Replies

Two hosting providers experienced outages this week. GoDaddy had a brief outage affecting numerous systems on Tuesday, November 17. Managed.com had an extensive outage due to ransomware that affected all systems. We discuss what types of incident response preparations site owners should consider when events beyond their control occur. We also discuss a large-scale attack …

Large-Scale Attacks Target Epsilon Framework Themes

This entry was posted in Research, Vulnerabilities, WordPress Security on November 17, 2020 by Ram Gall | 6 Replies

On November 17, 2020, our Threat Intelligence team noticed a large-scale wave of attacks against recently reported Function Injection vulnerabilities in themes using the Epsilon Framework, which we estimate are installed on over 150,000 sites. So far today, we have seen a surge of more than 7.5 million attacks against more than 1.5 million sites …

Episode 94: Hosting Provider Exposed 63 Million Customer Records

This entry was posted in Podcasts on November 06, 2020 by Ram Gall | 0 Replies

A hosting provider exposed over 63 million customer records via an open Elasticsearch database containing verbose logs with plain-text username/password credentials for numerous WordPress, Magento and other sites. We also talk about the security updates in WordPress 5.5.2/5.5.3 and the accidental 5.5.3-alpha autoupdate. We talk about object injection vulnerabilities like the one discovered in …

Object Injection Vulnerability in Welcart e-Commerce Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on November 05, 2020 by Ram Gall | 2 Replies

On October 6, 2020, our Threat Intelligence team discovered a High-Severity Object Injection vulnerability in Welcart e-Commerce, a WordPress plugin with over 20,000 installations that claims top market share in Japan. After we finished our investigation, we contacted the plugin’s publisher, Collne Inc., on October 9, 2020. Full disclosure was sent on October 12, 2020, …

Episode 92: WordPress Forced Security Autoupdate Protects Sites from Loginizer Vulnerability

This entry was posted in Podcasts on October 23, 2020 by Ram Gall | 0 Replies

An easily exploitable SQL injection vulnerability was discovered in the Loginizer plugin installed on over one million WordPress sites, causing the WordPress team to force an update to sites using the vulnerable version. The Justice Department is filing an antitrust suit against Google for allegedly monopolizing search and search advertising markets. Google Chrome gets an update …

High Severity Vulnerabilities in Post Grid and Team Showcase Plugins

This entry was posted in Research, Vulnerabilities, WordPress Security on October 05, 2020 by Ram Gall | 0 Replies

On September 14, 2020, our Threat Intelligence team discovered two high severity vulnerabilities in Post Grid, a WordPress plugin with over 60,000 installations. While investigating one of these vulnerabilities, we discovered that almost identical vulnerabilities were also present in Team Showcase, a separate plugin by the same author with over 6,000 installations. We initially reached …

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

This entry was posted in Research, Vulnerabilities, WordPress Security on September 17, 2020 by Ram Gall | 2 Replies

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these vulnerabilities the same day. During our investigation, we also discovered a separate set of …

Attackers Fight for Control of Sites Targeted in File Manager Vulnerability

This entry was posted in Research, Vulnerabilities, WordPress Security on September 10, 2020 by Ram Gall | 5 Replies

Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites. By Friday, September 4, 2020, we recorded attacks on over 1.7 million sites, and by today, September 10, 2020, the total number of sites attacked has increased to over 2.6 million. We’ve seen evidence of multiple threat actors …

Millions of Sites Targeted in File Manager Vulnerability Attacks

This entry was posted in Vulnerabilities, WordPress Security on September 04, 2020 by Ram Gall | 15 Replies

The Wordfence Threat Intelligence team is seeing a dramatic increase in attacks targeting the recent 0-day in the WordPress File Manager plugin. This plugin is installed on over 700,000 WordPress websites, and we estimate that 37.4% or 261,800 websites are still running vulnerable versions of this plugin at the time of this publication. Attacks are …
