Wordfence Research and News


PSA: Update Now! Critical Authentication Bypass in WooCommerce Payments Allows Site Takeover

This post has been updated with additional information that has become available since its publication. The Wordfence Threat Intelligence team regularly monitors plugin updates and reviews any indicating that a potential security issue may have been addressed. Today, March 23, 2023, we noticed that the “WooCommerce Payments – Fully Integrated Solution Built and Supported by …

Wordfence Adds Two Factor Auth for WooCommerce Customers

Wordfence 7.9.0 has been released and it includes a very exciting feature for WooCommerce sites and other WordPress sites wanting to make two factor authentication (2fa) available to their site users or members. Wordfence 7.9.0 now lets you give your users the ability to configure 2fa on their profile pages. For WooCommerce websites, by enabling …

High-Severity XSS Vulnerability in Metform Elementor Contact Form Builder

On January 4, 2023, independent security researcher Mohammed Chemouri reached out to the Wordfence Vulnerability Disclosure program to responsibly disclose and request a CVE ID for a vulnerability in Metform Elementor Contact Form Builder, a WordPress plugin with over 100,000 installations. The vulnerability, an unauthenticated stored cross-site scripting vulnerability, is arguably the most dangerous variant …

The Wordfence 2022 State of WordPress Security Report

Today, the Wordfence Threat Intelligence team is releasing our 2022 State of WordPress Security Report as a free White Paper. In our report, we look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on our findings. While most of our recommendations remain consistent with prior years, there were some surprising …

Eleven Vulnerabilities Patched in Royal Elementor Addons

On December 23, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of 11 vulnerabilities in Royal Elementor Addons, a WordPress plugin with over 100,000 installations. The plugin developers responded on December 26, and we sent over the full disclosure that day. We released a firewall rule protecting against these …

PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild

The Wordfence Threat Intelligence team has been tracking exploits targeting a Critical Severity Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards Premium, a plugin with over 50,000 installations according to the vendor. The vulnerability, reported by security researcher Dave Jong and publicly disclosed on November 22, 2022, impacts plugin versions up to and including …


How Much is Your Hacked Site Worth?

The Wordfence Threat Intelligence team has recently concluded an investigation of online marketplaces, colloquially known as “shops” by threat actors, selling access to compromised services. While contemporary threat actors primarily coordinate and conduct business through Telegram channels, compromised services and accounts are effectively a commodity, and access to them has become fundamental to the operation …

Russian Hacktivist Group Targets Political Websites with DDOS Attacks

A Russian hacktivist group calling itself “The People’s Cyberarmy” called on its members to target the American Democratic party website at https://democrats.org with DDOS (Distributed Denial of Service) attacks this morning, November 8th, 2022, which is Election Day in the United States. A post in their Telegram channel, “CyberArmyofRussia_Reborn”, which has more than 7,000 subscribers …

Wordfence Intelligence Launches New Malware Hash Feed!

Today, the Wordfence team is launching a Malware Hash Feed as part of our Wordfence Intelligence API. This gives our Enterprise users another way to rapidly and definitively identify malware targeting web applications. As the world’s foremost WordPress security provider, Wordfence has an expertly curated database of nearly three and a half million unique malicious …

Threat Advisory: Monitoring CVE-2022-42889 “Text4Shell” Exploit Attempts

On October 17, 2022, the Wordfence Threat Intelligence team began monitoring for activity targeting CVE-2022-42889, or “Text4Shell” on our network of 4 million websites. We started seeing activity targeting this vulnerability on October 18, 2022. Text4Shell is a vulnerability in the Apache Commons Text library versions 1.5 through 1.9 that can be used to achieve …