Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Category Archive: Wordfence

Wordfence Blog

Vulnerability Patched in Import Export WordPress Users

This entry was posted in Vulnerabilities, Wordfence on March 11, 2020 by Chloe Chamberland   0 Replies

On February 26th, our Threat Intelligence team discovered a vulnerability in Import Export WordPress Users, a WordPress plugin installed on over 30,000 sites. The flaw allowed anybody with subscriber-level access or above to import new users via a CSV file, including administrative-level users. We reached out to the plugin’s developer on February 26th, who responded …
Read More

COVID-19 and WordPress Community Engagement in 2020

This entry was posted in Wordfence on March 01, 2020 by Mark Maunder   1 Reply

This is an update regarding Wordfence’s community engagement in 2020 along with a recommendation for WordCamps globally and for the global WordPress community. As always, I’m taking a data-driven approach to this post. I present an update from the WHO regarding the containment of COVID-19 in China and what has worked. I then discuss what …
Read More

Multiple Vulnerabilities Patched in Pricing Table by Supsystic Plugin

This entry was posted in Vulnerabilities, Wordfence on February 25, 2020 by Chloe Chamberland   2 Replies

On January 17th, our Threat Intelligence Team discovered several vulnerabilities in Pricing Table by Supsystic, a WordPress plugin installed on over 40,000 sites. These flaws allowed an unauthenticated user to execute several AJAX actions due to an insecure permissions weakness. Attackers were also able to inject malicious Javascript due to a Cross-Site Scripting (XSS) vulnerability, …
Read More

Wordcamp Asia Cancellation Fee Assistance Package from Wordfence

This entry was posted in Wordfence on February 11, 2020 by Mark Maunder   2 Replies

A few minutes ago it was announced that Wordcamp Asia has been cancelled due to the recent COVID-19 concerns in the region. This was a very tough call, but I believe the right one. To give you some context, I’m going to include an extract from the final part of the World Health Organization Director …
Read More

Wordfence Now Works on WP Engine and with Load Balancers

This entry was posted in Wordfence on August 21, 2019 by Matt Barry   15 Replies

Today we are launching a version of Wordfence containing a new feature for sites on hosting providers with read-only file systems such as WP Engine or for environments where multiple web servers are behind a load balancer. This new feature uses a MySQL storage engine for firewall attack data to protect WordPress sites in complex …
Read More

Major Central Release: Alerts, Security Events and Slack Integration

This entry was posted in Wordfence on June 18, 2019 by Dan Moen   4 Replies

In February we launched Wordfence Central, an efficient way to manage the security of many WordPress sites in one place. If you have multiple sites and haven’t checked it out yet, you should. It includes a powerful dashboard, a single interface to view and manage security findings across all of your sites and robust new …
Read More

Introducing the Wordfence Login Security Plugin

This entry was posted in Wordfence, WordPress Security on June 04, 2019 by Mark Maunder   16 Replies

Today we are excited to announce the release of a brand new plugin: Wordfence Login Security. This plugin is a completely standalone plugin and you don’t need to install the full version of Wordfence to take advantage of the specific security features included in it. Wordfence Login Security is designed by our team to secure …
Read More

Announcing 3 New Login Security Features

This entry was posted in Wordfence, WordPress Security on May 14, 2019 by Dan Moen   23 Replies

Spend any time looking at blocked attacks in Wordfence Live Traffic and you’ll walk away worried about login security. WordPress sites are under constant attack by bots attempting to guess your users’ passwords. A lot of these attacks simply test lists of commonly used passwords along with usernames they think you may have chosen, like …
Read More

Live Event: Wordfence Central Official Launch and Demo

This entry was posted in Ask Wordfence, Learning, Wordfence on February 06, 2019 by Mark Maunder   5 Replies

Today we are very excited to announce the launch of Wordfence Central. Our team has been working hard for almost a year on this ground-breaking project. Wordfence Central gives you the power of a security events and information manager for WordPress. Join me for a live event starting at 8am Pacific time, 11am EST where …
Read More

Introducing Wordfence Central

This entry was posted in Wordfence on February 06, 2019 by Dan Moen   19 Replies

Over the last several months, we have been focused on making Wordfence a better option for organizations with a large number of WordPress sites to protect. To start, we added the ability to secure your staging and development environments with a single Wordfence premium license, something you should take advantage of if you haven’t already. …
Read More

Follow Us


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates