This entry was posted in Research, Vulnerabilities, WordPress Security on July 16, 2020 by Chloe Chamberland 0 Replies
On July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin installed on over 2 million sites. This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on July 09, 2020 by Ram Gall 2 Replies
On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting(XSS) vulnerability. Wordfence Premium customers received a new firewall rule …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on July 08, 2020 by Ram Gall 3 Replies
On June 24, 2020, our Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers. We eventually discovered 2 vulnerabilities, one of which was a critical vulnerability that allowed an unauthenticated attacker to upload arbitrary files, leading to Remote Code Execution(RCE), which could …
Read More
This entry was posted in General Security, Wordfence, WordPress Security on June 24, 2020 by Ram Gall 2 Replies
At Wordfence, we take performance seriously on all levels. While speed is one way to measure performance, there are other metrics that are equally important. Over the past year, our Threat Intelligence team has improved our malware scan by leaps and bounds. We wanted to share some of the metrics we use and what they …
Read More
This entry was posted in Vulnerabilities, WordPress Security on June 11, 2020 by Ram Gall 2 Replies
WordPress Core version 5.4.2 has just been released. Since this release is marked as a combined security and bug fix update, we recommend updating as soon as possible. With that said, most of the security fixes themselves are for vulnerabilities that would require specific circumstances to exploit. All in all this release contains 6 security …
Read More
This entry was posted in General Security, Research, WordPress Security on June 03, 2020 by Ram Gall 24 Replies
Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files. The peak of this attack campaign occurred on May 30, 2020. At this point, attacks from this campaign accounted for 75% of all attempted exploits of …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on May 28, 2020 by Chloe Chamberland 0 Replies
A few weeks ago, our Threat Intelligence team discovered several vulnerabilities present in Page Builder: PageLayer – Drag and Drop website builder, a WordPress plugin actively installed on over 200,000 sites. The plugin is from the same creators as wpCentral, a plugin within which we recently discovered a privilege escalation vulnerability. One flaw allowed any …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on May 19, 2020 by Chloe Chamberland 4 Replies
On May 6, our Threat Intelligence team was alerted to a zero-day vulnerability present in Elementor Pro, a WordPress plugin installed on approximately 1 million sites. That vulnerability was being exploited in conjunction with another vulnerability found in Ultimate Addons for Elementor, a WordPress plugin installed on approximately 110,000 sites. We immediately released a firewall …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on May 13, 2020 by Chloe Chamberland 0 Replies
On April 21st, our Threat Intelligence team discovered a vulnerability in Site Kit by Google, a WordPress plugin installed on over 300,000 sites. This flaw allows any authenticated user, regardless of capability, to become a Google Search Console owner for any site running the Site Kit by Google plugin. We filed a security issue report …
Read More
This entry was posted in Vulnerabilities, WordPress Security on May 13, 2020 by Ram Gall 32 Replies
Starting April 28th, we saw a 30 times increase in cross site scripting attack volume, originating from a single attacker, and targeting over a million WordPress sites. We published research detailing the threat actor and attack volume increase on May 5th. By the time we published, the attack volume had dropped back down to baseline …
Read More
