Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Category Archive: Research

Wordfence Blog

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

This entry was posted in Research, Vulnerabilities, WordPress Security on September 17, 2020 by Ram Gall   1 Reply

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these vulnerabilities the same day. During our investigation, we also discovered a separate set of …
Read More

Attackers Fight for Control of Sites Targeted in File Manager Vulnerability

This entry was posted in Research, Vulnerabilities, WordPress Security on September 10, 2020 by Ram Gall   5 Replies

Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites. By Friday, September 4, 2020, we recorded attacks on over 1.7 million sites, and by today, September 10, 2020 the total number of sites attacked has increased to over 2.6 million. We’ve seen evidence of multiple threat actors …
Read More

700,000 WordPress Users Affected by Zero-Day Vulnerability in File Manager Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on September 01, 2020 by Chloe Chamberland   16 Replies

This morning, on September 1, 2020, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in File Manager, a WordPress plugin with over 700,000 active installations. This vulnerability allowed unauthenticated users to execute commands and upload malicious files on a target site. A patch was released this morning …
Read More

High-Severity Vulnerability Patched in Advanced Access Manager

This entry was posted in Research, Vulnerabilities, WordPress Security on August 20, 2020 by Ram Gall   2 Replies

On August 13, 2020, the Wordfence Threat Intelligence team finished investigating two vulnerabilities in Advanced Access Manager, a WordPress plugin with over 100,000 installations, including a high-severity Authorization Bypass vulnerability that could lead to privilege escalation and site takeover. We reached out to the plugin’s author the next day, on August 14, 2020, and received …
Read More

Critical Vulnerabilities Patched in Quiz and Survey Master Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on August 13, 2020 by Chloe Chamberland   1 Reply

On July 17, 2020, our Threat Intelligence team discovered two vulnerabilities in Quiz and Survey Master (QSM), a WordPress plugin installed on over 30,000 sites. These flaws made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution, as well as delete arbitrary files like a site’s wp-config.php file which could …
Read More

The Official Facebook Chat Plugin Created Vector for Social Engineering Attacks

This entry was posted in Research, Vulnerabilities, WordPress Security on August 04, 2020 by Chloe Chamberland   0 Replies

On June 26, 2020, our Threat Intelligence team discovered a vulnerability in The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors …
Read More

Critical Vulnerability Exposes over 700,000 Sites Using Divi, Extra, and Divi Builder

This entry was posted in Research, Vulnerabilities, WordPress Security on August 04, 2020 by Chloe Chamberland   11 Replies

On July 23, 2020, our Threat Intelligence team discovered a vulnerability present in two themes by Elegant Themes, Divi and Extra, as well as Divi Builder, a WordPress plugin. Combined, these products are installed on an estimated 700,000 sites. This flaw gave authenticated attackers, with contributor-level or above capabilities, the ability to upload arbitrary files, …
Read More

Newsletter Plugin Vulnerabilities Affect Over 300,000 Sites

This entry was posted in Research, Vulnerabilities, WordPress Security on August 03, 2020 by Ram Gall   6 Replies

On July 13, 2020, our Threat Intelligence team was alerted to a recently patched vulnerability in Newsletter, a WordPress plugin with over 300,000 installations. While investigating this vulnerability, we discovered two additional, more serious vulnerabilities, including a reflected Cross-Site Scripting(XSS) vulnerability and a PHP Object Injection vulnerability. We reached out to the plugin’s author on …
Read More

High Severity Vulnerability Patched in TC Custom JavaScript

This entry was posted in Research, Vulnerabilities, WordPress Security on July 21, 2020 by Ram Gall   0 Replies

On June 12, 2020, Wordfence Threat Intelligence discovered an unauthenticated stored Cross-Site Scripting(XSS) vulnerability in TC Custom JavaScript, a WordPress plugin with over 10,000 installations. Wordfence Premium customers received a new firewall rule to provide protection against attacks targeting this vulnerability the same day. Wordfence users still using the free version received this rule after …
Read More

2 Million Users Affected by Vulnerability in All in One SEO Pack

This entry was posted in Research, Vulnerabilities, WordPress Security on July 16, 2020 by Chloe Chamberland   9 Replies

On July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin installed on over 2 million sites. This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates