Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Ram Gall

Wordfence Blog

Nulled WordPress Plugins – Dangers and Downsides

This entry was posted in General Security, WordPress Security on July 21, 2021 by Ram Gall   7 Replies

In our 2020 Threat Report, the Wordfence Threat Intelligence Team identified malware distributed via nulled, pirated, or counterfeit plugins and themes as one of the largest threats facing the WordPress ecosystem. Many site owners are unaware of the risks associated with using nulled plugins, and in many cases, they may not even be aware that …

Episode 125: Critical SQL Injection Vulnerability Patched in WooCommerce

This entry was posted in Podcasts on July 16, 2021 by Ram Gall   0 Replies

A critical SQL injection vulnerability was discovered in WooCommerce, the most popular e-Commerce plugin used by over 5 million WordPress sites. The WordPress.org team pushed a forced security update ensuring that over 90 versions of WooCommerce were patched. The REvil ransomware gang targeted a zero-day vulnerability in Kaseya, used by many in the banking industry, …

Critical SQL Injection Vulnerability Patched in WooCommerce

This entry was posted in Vulnerabilities, WordPress Security on July 15, 2021 by Ram Gall   15 Replies

Update: The article originally credited Tommy DeVoss (dawgyg) for the discovery. We’ve since been contacted by Tommy, who let us know that the credit should go to another researcher, Josh from DOS (Development Operations Security). On July 14, 2021, WooCommerce released an emergency patch for a SQL Injection vulnerability reported by a security researcher, Josh …

Episode 123: Over 30 Million Dell Devices at Risk for Remote BIOS Attacks

This entry was posted in Podcasts on June 24, 2021 by Ram Gall   0 Replies

Over 30 million Dell devices are at risk for remote BIOS attacks due to four separate security bugs, which can have far-reaching effects for enterprise organizations heavily invested in Dell devices. VMware Carbon Black App Control has been updated this week to fix a critical-severity vulnerability that allows authentication bypass. Antivirus creator John McAfee …

Episode 122: Largest Password Dump in History Fuels Credential Stuffing Extravaganza

This entry was posted in Podcasts on June 18, 2021 by Ram Gall   2 Replies

Sites running Jetpack are being infected via compromised WordPress.com credentials. The largest password dump ever with 8.4 billion passwords is used in credential stuffing attacks. Wordfence Threat Intelligence discloses new plugin vulnerabilities as well as a vulnerability at tsoHost. Data breaches impact VW and EA, REvil compromises a nuclear weapons contractor, and TurboTax accounts are …

Cross-Site Request Forgery Patched in WP Fluent Forms

This entry was posted in Research, Vulnerabilities, WordPress Security on June 16, 2021 by Ram Gall   0 Replies

On March 2, 2021, the Wordfence Threat Intelligence team responsibly disclosed a Cross-Site Request Forgery (CSRF) vulnerability in WP Fluent Forms, a WordPress plugin installed on over 80,000 sites. This vulnerability also allowed a stored Cross-Site Scripting (XSS) attack which, if successfully exploited, could be used to take over a site. We reached out to the plugin …

Episode 121: Wordfence is Now a CVE Numbering Authority (CNA)

This entry was posted in Podcasts on June 11, 2021 by Ram Gall   0 Replies

Wordfence is now a CVE Numbering Authority, or a CNA. As a CNA, Wordfence can now assign CVE IDs for new vulnerabilities in WordPress Core, WordPress Plugins and WordPress Themes. An outage at Fastly takes down major websites including Reddit, Twitch, Amazon, and many others. Microsoft patches numerous Windows 0-day vulnerabilities, and Google patches a …

Malicious Attack Campaign Targeting Jetpack Users Reusing Passwords

This entry was posted in PSA, Research, WordPress Security on June 11, 2021 by Ram Gall   10 Replies

The Wordfence Threat Intelligence and Site Cleaning teams have been tracking a malware campaign that redirects all site visitors to malvertising domains, while attempting to keep site administrators unaware of the infection. Since June 1, 2021, the number of sites we are tracking that have been infected with this malware has more than doubled, and …

Critical 0-day in Fancy Product Designer Under Active Attack

This entry was posted in Research, Vulnerabilities, WordPress Security on June 01, 2021 by Ram Gall   2 Replies

Update: A patched version of Fancy Product Designer, 4.6.9, is now available as of June 2, 2021. This article has been updated to reflect newly available information, including Indicators of Compromise. On May 31, 2021, the Wordfence Threat Intelligence team discovered a critical file upload vulnerability being actively exploited in Fancy Product Designer, a WordPress …

Episode 119: Critical VMWare Vulnerability Threatens Data Centers

This entry was posted in Podcasts on May 28, 2021 by Ram Gall   0 Replies

A critical vulnerability in VMware’s vCenter Server threatens some of the largest data centers in the world. An actively exploited 0-day in macOS was used to take screenshots of infected computers. CodeCov claims another victim as Japanese e-Commerce unicorn Mercari reports a massive data breach. Domino’s India and Air India suffer from large-scale data …