Wordfence Research and News

Blog icon
Newest

XSS Injection Campaign Exploits WordPress AMP Plugin

News broke last week disclosing a number of vulnerabilities in the AMP For WP plugin, installed on over 100,000 WordPress sites. WordPress contributor Sybre Waaijer identified the security issue and confidentially disclosed it to the WordPress plugins team. To exploit the flaw, an attacker needs to have a minimum of subscriber-level access on a vulnerable site. The …
Read More

Ninja Forms Security Updates: What You Need To Know

Yesterday, the popular WordPress plugin Ninja Forms released version 3.3.14, which disclosed and patched two security issues present in the plugin.

Vulnerability in Easy Forms for MailChimp 6.1.2 and older

Panagiotis Vagenas, a Wordfence Security Researcher, has discovered a reflected cross site scripting vulnerability in the Easy Forms for MailChimp plugin for WordPress.
  • Ask Wordfence
  • General Security
  • Holiday
  • Learning
  • Long Read
  • Miscellaneous
  • Monthly Attack Activity Report
  • Podcasts
  • PSA
  • Research
  • SEO
  • Threat Research
  • Uncategorized
  • Videos
  • Vulnerabilities
  • Wordfence
  • Wordfence CLI
  • Wordfence Intelligence
  • WordPress Security

    • Breaking WordPress Security Research in your inbox as it happens.

    Example of a news story

    This site uses cookies in accordance with our Privacy Policy.