Wordfence Research and News

Blog icon
Category: Uncategorized
Exploiting WordPress Plugin Vulnerabilities to Steal AWS Metadata
Newest

Exploiting WordPress Plugin Vulnerabilities to Steal AWS Metadata

In an ideal world, vulnerabilities would not exist. A request would be sent to a server, properly validated, and only the intended information would be provided by the server. Of course, this is not a perfect world, and vulnerabilities can be introduced unintentionally, or even found due to previously unknown weaknesses within the programming language. …
Read More

Configuration Probing

Configuration Probing: Your Backups Might Be Your Greatest Weakness

Configuration files exist to make life easier for developers and website operators. In a world without configuration files, every instance of code that depended on a database connection could potentially require the connection details to be hard coded or manually entered. Other reusable data would be defined multiple times, causing code bloat and possible performance …
Read More