Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Category Archive: WordPress Security

Wordfence Blog

2 Million Users Affected by Vulnerability in All in One SEO Pack

This entry was posted in Research, Vulnerabilities, WordPress Security on July 16, 2020 by Chloe Chamberland   0 Replies

On July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin installed on over 2 million sites. This flaw allowed authenticated users with contributor-level access or above to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all …

XSS Flaw Impacting 100,000 Sites Patched in KingComposer

This entry was posted in Research, Vulnerabilities, WordPress Security on July 09, 2020 by Ram Gall   2 Replies

On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting (XSS) vulnerability. Wordfence Premium customers received a new firewall rule …

Critical Vulnerabilities Patched in Adning Advertising Plugin

This entry was posted in Research, Vulnerabilities, WordPress Security on July 08, 2020 by Ram Gall   3 Replies

On June 24, 2020, our Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers. We eventually discovered 2 vulnerabilities, one of which was a critical vulnerability that allowed an unauthenticated attacker to upload arbitrary files, leading to Remote Code Execution (RCE), which could …

Malware Detection: Measuring Recall to Catch Them All

This entry was posted in General Security, Wordfence, WordPress Security on June 24, 2020 by Ram Gall   2 Replies

At Wordfence, we take performance seriously on all levels. While speed is one way to measure performance, there are other metrics that are equally important. Over the past year, our Threat Intelligence team has improved our malware scan by leaps and bounds. We wanted to share some of the metrics we use and what they …

WordPress 5.4.2 Patches Multiple XSS Vulnerabilities

This entry was posted in Vulnerabilities, WordPress Security on June 11, 2020 by Ram Gall   2 Replies

WordPress Core version 5.4.2 has just been released. Since this release is marked as a combined security and bug fix update, we recommend updating as soon as possible. With that said, most of the security fixes themselves are for vulnerabilities that would require specific circumstances to exploit. All in all this release contains 6 security …

Large Scale Attack Campaign Targets Database Credentials

This entry was posted in General Security, Research, WordPress Security on June 03, 2020 by Ram Gall   24 Replies

Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files. The peak of this attack campaign occurred on May 30, 2020. At this point, attacks from this campaign accounted for 75% of all attempted exploits of …

High Severity Vulnerabilities in PageLayer Plugin Affect Over 200,000 WordPress Sites

This entry was posted in Research, Vulnerabilities, WordPress Security on May 28, 2020 by Chloe Chamberland   0 Replies

A few weeks ago, our Threat Intelligence team discovered several vulnerabilities present in Page Builder: PageLayer – Drag and Drop website builder, a WordPress plugin actively installed on over 200,000 sites. The plugin is from the same creators as wpCentral, a plugin within which we recently discovered a privilege escalation vulnerability. One flaw allowed any …

The Elementor Attacks: How Creative Hackers Combined Vulnerabilities to Take Over WordPress Sites

This entry was posted in Research, Vulnerabilities, WordPress Security on May 19, 2020 by Chloe Chamberland   4 Replies

On May 6, our Threat Intelligence team was alerted to a zero-day vulnerability present in Elementor Pro, a WordPress plugin installed on approximately 1 million sites. That vulnerability was being exploited in conjunction with another vulnerability found in Ultimate Addons for Elementor, a WordPress plugin installed on approximately 110,000 sites. We immediately released a firewall …

Vulnerability in Google WordPress Plugin Grants Attacker Search Console Access

This entry was posted in Research, Vulnerabilities, WordPress Security on May 13, 2020 by Chloe Chamberland   0 Replies

On April 21st, our Threat Intelligence team discovered a vulnerability in Site Kit by Google, a WordPress plugin installed on over 300,000 sites. This flaw allows any authenticated user, regardless of capability, to become a Google Search Console owner for any site running the Site Kit by Google plugin. We filed a security issue report …

One Attacker Outpaces All Others

This entry was posted in Vulnerabilities, WordPress Security on May 13, 2020 by Ram Gall   32 Replies

Starting April 28th, we saw a 30 times increase in cross site scripting attack volume, originating from a single attacker, and targeting over a million WordPress sites. We published research detailing the threat actor and attack volume increase on May 5th. By the time we published, the attack volume had dropped back down to baseline …
