Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Category Archive: Research

Wordfence Blog

One Million Sites Affected: Four Severe Vulnerabilities Patched in Ninja Forms

This entry was posted in Research, Vulnerabilities, WordPress Security on February 16, 2021 by Chloe Chamberland   0 Replies

On January 20, 2021, our Threat Intelligence team responsibly disclosed four vulnerabilities in Ninja Forms, a WordPress plugin used by over one million sites. One of these flaws made it possible for attackers to redirect site administrators to arbitrary locations. The second flaw made it possible for attackers with subscriber level access or above to …
Read More

Multiple Vulnerabilities Patched in Responsive Menu Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on February 10, 2021 by Chloe Chamberland   4 Replies

On December 17, 2020, our Threat Intelligence team responsibly disclosed three vulnerabilities in Responsive Menu, a WordPress plugin installed on over 100,000 sites. The first flaw made it possible for authenticated attackers with low-level permissions to upload arbitrary files and ultimately achieve remote code execution. The remaining two flaws made it possible for attackers to …
Read More

Severe Vulnerabilities Patched in NextGen Gallery Affect over 800,000 WordPress Sites

This entry was posted in Research, Vulnerabilities, WordPress Security on February 08, 2021 by Ram Gall   4 Replies

On December 14, 2020, the Wordfence Threat Intelligence team finished researching two Cross-Site Request Forgery (CSRF) vulnerabilities in NextGen Gallery, a WordPress plugin with over 800,000 installations, including a critical severity vulnerability that could lead to Remote Code Execution (RCE) and Stored Cross-Site Scripting (XSS). Exploitation of these vulnerabilities could lead to a site takeover, malicious redirects, …
Read More

Unpatched Vulnerability: 50,000 WP Sites Must Find Alternative for Contact Form 7 Style

This entry was posted in Research, WordPress Security on February 04, 2021 by Chloe Chamberland   9 Replies

On December 9, 2020, the Wordfence Threat Intelligence team discovered a Cross-Site Request Forgery (CSRF) to Stored Cross-Site Scripting (XSS) vulnerability in Contact Form 7 Style, a WordPress plugin installed on over 50,000 sites. Please note that this is a separate plugin from “Contact Form 7” and is designed as an add-on to that …
Read More

Machine Learning Gives Wordfence an Advantage

This entry was posted in Research, Wordfence, WordPress Security on February 02, 2021 by Gregory Bloom   1 Reply

Wordfence is the leader in WordPress security, protecting over 4 million WordPress sites from malicious attacks. With new malware variants discovered daily, we now have a new weapon in our arsenal against WordPress attacks: Machine Learning.

How Wordfence identifies malware

For years, the Wordfence Threat Intelligence team has stayed ahead of attackers by quickly identifying …
Read More

The Wordfence 2020 WordPress Threat Report

This entry was posted in General Security, Research, Wordfence, WordPress Security on January 27, 2021 by Ram Gall   4 Replies

Over the course of 2020, and in the process of protecting over 4 million WordPress customers, the Wordfence Threat Intelligence team gathered a massive amount of raw data from attacks targeting WordPress and infection trends, in addition to the malware samples gathered by our Site Cleaning team. Attacks on WordPress can be categorized in three …
Read More

Multiple Vulnerabilities Patched in Orbit Fox by ThemeIsle Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on January 12, 2021 by Chloe Chamberland   1 Reply

On November 19, 2020, our Threat Intelligence team responsibly disclosed two vulnerabilities in Orbit Fox by ThemeIsle, a WordPress plugin used by over 400,000 sites. One of these flaws made it possible for attackers with contributor level access or above to escalate their privileges to those of an administrator and potentially take over a WordPress …
Read More

Who Attacked SolarWinds and Why WordPress Users Need to Know

This entry was posted in General Security, Research, WordPress Security on December 24, 2020 by Chloe Chamberland   18 Replies

Chloe Chamberland is a threat analyst and member of the Wordfence Threat Intelligence Team. She holds the following certifications: OSCP, OSWP, OSWE, Security+, CySA+, PenTest+, CASP+, SSCP, Associate of (ISC)2, CEH, ECSA and eWPT. Many of these are advanced certifications including OSCP and OSWE which are 24 and 48 hour exams respectively, that require hands-on …
Read More

The NoneNone Brute Force Attacks: Even Hackers Need QA

This entry was posted in Research, WordPress Security on December 17, 2020 by Ram Gall   33 Replies

For the last few weeks we’ve seen and blocked an increase in brute-force, credential stuffing, and dictionary attacks targeting the WordPress xmlrpc.php endpoint, on some days exceeding 150 million attacks against 1.9 million sites in a 24-hour period. These attacks attempt to guess the password of an authorized user on a site, and some of …
Read More

Reflected XSS in PageLayer Plugin Affects Over 200,000 WordPress Sites

This entry was posted in Research, Vulnerabilities, WordPress Security on December 10, 2020 by Ram Gall   2 Replies

On November 4, 2020, the Wordfence Threat Intelligence team found two reflected Cross-Site Scripting (XSS) vulnerabilities in PageLayer, a WordPress plugin installed on over 200,000 sites. These vulnerabilities could lead to an attacker executing malicious JavaScript in an administrator’s browser, which could lead to takeover of a vulnerable WordPress site. We contacted the plugin’s publisher, …
Read More
