Wordfence Research and News

Blog icon
Category: Wordfence

Wordfence Reviews and Where to Find Them

Just a quick note. If you’re looking for objective Wordfence reviews, you can find them on the official WordPress plugin repository in the Wordfence reviews section which is linked to from the Wordfence entry in the official WordPress repository.

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 9, 2023 to October 15, 2023)

Last week, there were 103 vulnerabilities disclosed in 85 WordPress Plugins and no WordPress themes, with 7 of those being in WordPress Core, that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress Security last week.

WordPress 6.3.2 Security Release – What You Need to Know

WordPress Core 6.3.2 was released today, on October 12, 2023. It includes a number of security fixes and additional hardening against commonly exploited vulnerabilities.

Know your Malware – A Beginner’s Guide to Encoding Techniques Used to Obfuscate Malware

With the launch of Wordfence CLI, our high performance security scanner that can detect the vast majority of PHP malware targeting WordPress, Wordfence continues to emphasize the importance of malware detection and remediation.

Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks

On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations.

Introducing Wordfence CLI: A High Performance Malware Scanner Built for the Command Line

Today, we are incredibly excited to announce the launch of Wordfence CLI: an open source, high performance malware scanner built for the command-line.

Demystifying the WordPress Vulnerability Landscape: 2023 Mid-Year Wordfence Intelligence WordPress Vulnerability Review Leveraging ChatGPT

In the first 6 months of 2023, our team has already added 2,471[1] individual vulnerability records to the Wordfence Intelligence WordPress Vulnerability Database.

Wordfence 7.10.0 Released!

Wordfence remains the number one security plugin of choice for website owners serious about protecting their investment and their customers.

Post Action Report: Bad Firewall Rule Released to WPEngine Customers Wednesday

On Wednesday afternoon a small percentage of WPEngine websites using a paid version of Wordfence experienced a 500 Internal Server Error or white screen on their sites due to an erroneous firewall rule that we released.

Wordfence Intelligence: Because Community Created Vulnerabilities Are Community Property

Last August, at Black Hat 2022 in Las Vegas, we launched Wordfence Intelligence, a product designed to provide large enterprise customers with rich IP threat data, malware signatures, malware hashes, and vulnerability data to help keep enterprise customers and networks secure.