Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Ram Gall

Wordfence Blog

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

This entry was posted in Research, Vulnerabilities, WordPress Security on September 17, 2020 by Ram Gall   1 Reply

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these vulnerabilities the same day. During our investigation, we also discovered a separate set of …
Read More

Attackers Fight for Control of Sites Targeted in File Manager Vulnerability

This entry was posted in Research, Vulnerabilities, WordPress Security on September 10, 2020 by Ram Gall   5 Replies

Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites. By Friday, September 4, 2020, we recorded attacks on over 1.7 million sites, and by today, September 10, 2020 the total number of sites attacked has increased to over 2.6 million. We’ve seen evidence of multiple threat actors …
Read More

Millions of Sites Targeted in File Manager Vulnerability Attacks

This entry was posted in Vulnerabilities, WordPress Security on September 04, 2020 by Ram Gall   13 Replies

The Wordfence Threat Intelligence team is seeing a dramatic increase in attacks targeting the recent 0-day in the WordPress File Manager plugin. This plugin is installed on over 700,000 WordPress websites, and we estimate that 37.4% or 261,800 websites are still running vulnerable versions of this plugin at the time of this publication. Attacks are …
Read More

High-Severity Vulnerability Patched in Advanced Access Manager

This entry was posted in Research, Vulnerabilities, WordPress Security on August 20, 2020 by Ram Gall   2 Replies

On August 13, 2020, the Wordfence Threat Intelligence team finished investigating two vulnerabilities in Advanced Access Manager, a WordPress plugin with over 100,000 installations, including a high-severity Authorization Bypass vulnerability that could lead to privilege escalation and site takeover. We reached out to the plugin’s author the next day, on August 14, 2020, and received …
Read More

Newsletter Plugin Vulnerabilities Affect Over 300,000 Sites

This entry was posted in Research, Vulnerabilities, WordPress Security on August 03, 2020 by Ram Gall   6 Replies

On July 13, 2020, our Threat Intelligence team was alerted to a recently patched vulnerability in Newsletter, a WordPress plugin with over 300,000 installations. While investigating this vulnerability, we discovered two additional, more serious vulnerabilities, including a reflected Cross-Site Scripting(XSS) vulnerability and a PHP Object Injection vulnerability. We reached out to the plugin’s author on …
Read More

High Severity Vulnerability Patched in TC Custom JavaScript

This entry was posted in Research, Vulnerabilities, WordPress Security on July 21, 2020 by Ram Gall   0 Replies

On June 12, 2020, Wordfence Threat Intelligence discovered an unauthenticated stored Cross-Site Scripting(XSS) vulnerability in TC Custom JavaScript, a WordPress plugin with over 10,000 installations. Wordfence Premium customers received a new firewall rule to provide protection against attacks targeting this vulnerability the same day. Wordfence users still using the free version received this rule after …
Read More

XSS Flaw Impacting 100,000 Sites Patched in KingComposer

This entry was posted in Research, Vulnerabilities, WordPress Security on July 09, 2020 by Ram Gall   2 Replies

On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting(XSS) vulnerability. Wordfence Premium customers received a new firewall rule …
Read More

Critical Vulnerabilities Patched in Adning Advertising Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on July 08, 2020 by Ram Gall   4 Replies

On June 24, 2020, our Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers. We eventually discovered 2 vulnerabilities, one of which was a critical vulnerability that allowed an unauthenticated attacker to upload arbitrary files, leading to Remote Code Execution(RCE), which could …
Read More

Malware Detection: Measuring Recall to Catch Them All

This entry was posted in General Security, Wordfence, WordPress Security on June 24, 2020 by Ram Gall   2 Replies

At Wordfence, we take performance seriously on all levels. While speed is one way to measure performance, there are other metrics that are equally important. Over the past year, our Threat Intelligence team has improved our malware scan by leaps and bounds. We wanted to share some of the metrics we use and what they …
Read More

WordPress 5.4.2 Patches Multiple XSS Vulnerabilities

This entry was posted in Vulnerabilities, WordPress Security on June 11, 2020 by Ram Gall   2 Replies

WordPress Core version 5.4.2 has just been released. Since this release is marked as a combined security and bug fix update, we recommend updating as soon as possible. With that said, most of the security fixes themselves are for vulnerabilities that would require specific circumstances to exploit. All in all this release contains 6 security …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates