Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Chloe Chamberland

Wordfence Blog

Medium Severity Vulnerability Patched in Fast Velocity Minify Plugin

This entry was posted in Vulnerabilities, WordPress Security on October 16, 2019 by Chloe Chamberland   2 Replies

Description: Full Path Disclosure CVSS v3.0 Score: 4.3 (Medium) CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Plugin: Fast Velocity Minify Plugin Slug: fast-velocity-minify Affected Versions: <= 2.7.6 Patched Version: 2.7.7 A few days ago, our Threat Intelligence team identified a vulnerability present in Fast Velocity Minify, a WordPress plugin with approximately  80,000+ active installs. This flaw allowed …
Read More

Authentication Bypass Vulnerability in GiveWP Plugin

This entry was posted in Vulnerabilities, WordPress Security on September 26, 2019 by Chloe Chamberland   0 Replies

Description: Authentication Bypass with Information Disclosure CVSS v3.0 Score: 7.5 (High) CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Plugin: GiveWP Plugin Slug: give Affected Versions: <= 2.5.4 Patched Version: 2.5.5 A few weeks ago, our Threat Intelligence team discovered a vulnerability present in GiveWP, a WordPress plugin installed on over 70,000 websites. The weakness allowed unauthenticated users to bypass …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 100 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates