Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Ram Gall

Wordfence Blog

WordPress 5.7.2 Security Release: What You Need to Know

This entry was posted in Vulnerabilities, WordPress Security on May 13, 2021 by Ram Gall   7 Replies

On May 13, 2021 01:00 UTC, WordPress core released a security patch for a Critical Object Injection vulnerability in PHPMailer, the component that WordPress uses to send emails by default. If your site is set to allow auto updating of minor point releases, your site has probably already updated to WordPress 5.7.2. While we do …

Episode 116: Packagist Patch Shows How Supply Chain Threats Could Impact WordPress

This entry was posted in Podcasts on May 06, 2021 by Ram Gall   0 Replies

A vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to trick Composer into downloading backdoored source code, potentially affecting all WordPress sites. Packagist reports that it’s not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over …

SQL Injection Vulnerability Patched in CleanTalk AntiSpam Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on May 03, 2021 by Ram Gall   0 Replies

On March 4, 2021, the Wordfence Threat Intelligence team initiated responsible disclosure for a Time-Based Blind SQL Injection vulnerability discovered in Spam protection, AntiSpam, FireWall by CleanTalk, a WordPress plugin installed on over 100,000 sites. This vulnerability could be used to extract sensitive information from a site’s database, including user emails and password hashes, all …

Episode 115: Update Your Mac: Gatekeeper Bypass Vulnerability Exploited in the Wild

This entry was posted in Podcasts on April 30, 2021 by Ram Gall   0 Replies

Apple patches a Gatekeeper bypass vulnerability that has been exploited in the wild on macOS. Though this vulnerability requires some social engineering to exploit, it is believed to have been actively exploited since January 9, 2021. Some DigitalOcean customers were affected by a data breach exposing personally identifiable information. A WordPress Trac conversation considers …

Widespread Attacks Continue Targeting Vulnerabilities in The Plus Addons for Elementor Pro

This entry was posted in Research, Vulnerabilities, WordPress Security on April 19, 2021 by Ram Gall   6 Replies

Over the past 10 days, Wordfence has blocked over 14 million attacks targeting Privilege Escalation Vulnerabilities in The Plus Addons for Elementor Pro on over 75% of sites reporting attacks during this period. By April 13, 2021, this campaign was targeting more sites than all other campaigns put together. Number of sites attacked per day …

Episode 113: An Unprecedented FBI Operation Removes Webshells from Infected Exchange Servers

This entry was posted in Podcasts on April 16, 2021 by Ram Gall   0 Replies

An FBI initiative began remotely removing webshells from infected Microsoft Exchange servers. WordPress 5.7.1 was released with a few security patches. Over 15 Elementor add-on plugins were found to have vulnerabilities similar to those found in the main Elementor plugin; these additional plugin vulnerabilities affected over 3.5 million sites with over 100 vulnerable endpoints. …

Recent Patches Rock the Elementor Ecosystem

This entry was posted in Research, Vulnerabilities, WordPress Security on April 13, 2021 by Ram Gall   6 Replies

This post has been updated with additional plugins that have been patched since its original publication. We will continue to add plugins as they are patched. Over the last few weeks, the Wordfence Threat Intelligence team has responsibly disclosed vulnerabilities in more than 15 of the most popular add-on plugins for Elementor, which are collectively …

Episode 112: Wix Takes Aim at WordPress With New Ad Campaign

This entry was posted in Podcasts on April 09, 2021 by Ram Gall   0 Replies

A new Wix ad campaign targets WordPress but ends up being tone deaf in both content and strategy. New details emerge about the PHP compromise, but the full story remains unclear. Facebook user data from 2019 ends up on the dark web, and Have I Been Pwned adds a phone number check to help users …

Vulnerabilities Patched in WP Page Builder

This entry was posted in Research, Vulnerabilities, WordPress Security on April 08, 2021 by Ram Gall   0 Replies

On February 15, 2021, the Wordfence Threat Intelligence team began the responsible disclosure process for several vulnerabilities in WP Page Builder, a plugin installed on over 10,000 sites. These vulnerabilities allowed any logged-in user, including subscribers, to access the page builder’s editor and make changes to existing posts on the site by default. Additionally, any …

Episode 110: Active Exploitation Continues on Unpatched Thrive Themes

This entry was posted in Podcasts on March 26, 2021 by Ram Gall   2 Replies

Attackers continue to exploit recently patched vulnerabilities in Thrive Themes, though not all of them are successful. Two vulnerabilities are patched in the Facebook for WordPress plugin installed on over half a million sites. Google Chrome version 90 will use HTTPS by default, bringing significant improvements to speed and security. A ransomware insurance provider experiences …
