This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Know Your Malware Part Two – Hacky Obfuscation Techniques
In the first post in this series, we covered common PHP encoding techniques and how they’re used by malware to hide from security analysts and scanners.
Announcing Vulnerability Scanning in Wordfence CLI 2.0.1 “Voodoo Child”
Note: If you’re a WordPress user, we recommend the Wordfence Security Plugin which provides a robust and complete set of security controls for WordPress websites.
WordPress 6.3.2 Security Release – What You Need to Know
WordPress Core 6.3.2 was released today, on October 12, 2023. It includes a number of security fixes and additional hardening against commonly exploited vulnerabilities.
Know your Malware – A Beginner’s Guide to Encoding Techniques Used to Obfuscate Malware
With the launch of Wordfence CLI, our high performance security scanner that can detect the vast majority of PHP malware targeting WordPress, Wordfence continues to emphasize the importance of malware detection and remediation.
Malware Scanning: An Essential Layer of Website Security
Wordfence recently launched Wordfence CLI, a high performance command line malware scanner, which makes use of our extensive set of malware detection signatures to rapidly scan file systems for infections.
Introducing Wordfence CLI: A High Performance Malware Scanner Built for the Command Line
Today, we are incredibly excited to announce the launch of Wordfence CLI: an open source, high performance malware scanner built for the command-line.
Massive Targeted Exploit Campaign Against WooCommerce Payments Underway
The Wordfence Threat Intelligence team has been monitoring an ongoing exploit campaign targeting a recently disclosed vulnerability in WooCommerce Payments, a plugin installed on over 600,000 sites.
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 26, 2023 to July 2, 2023)
Last week, there were 66 vulnerabilities disclosed in 56 WordPress Plugins and 1 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 34 Vulnerability Researchers that contributed to WordPress Security last week.
Credential-Stealing Server Side Request Forgery Patched in Getwid
On April 6, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities in Getwid – Gutenberg Blocks, a plugin installed on over 50,000 WordPress sites.
Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
The Wordfence Threat Intelligence team has been monitoring an increase in attacks targeting a Cross-Site Scripting vulnerability in Beautiful Cookie Consent Banner, a WordPress plugin installed on over 40,000 sites.
Breaking WordPress Security Research in your inbox as it happens.
