Critical flaw recently patched in Keydatas WordPress plugin already has over 8,000+ exploit attempts recorded. Patch available: upgrade to version 2.6.1 immediately. #WordPress wordfence.com/blog/2024/07/o…

Last week: 68 vulnerabilities in 51 #WordPress plugins and 2 themes were disclosed. 28 researchers contributed. Review the Wordfence Intelligence report to ensure your site is secure. #infosec #cybersecurity wordfence.com/blog/2024/08/w…

60 new vulnerabilities in 53 WordPress plugins were logged in the Wordfence Intelligence Database last week. 33 researchers contributed. Review the report to safeguard your site now. #WordPress #CyberSecurity wordfence.com/blog/2024/08/w…

On July 11, 2024, an RCE vulnerability in the JS Help Desk plugin was responsibly disclosed via the bug bounty program. Wordfence Premium, Care and Response customers received a rule on July 25, 2024. Update to JS Help Desk version 2.8.7 ASAP. #WordPress wordfence.com/blog/2024/08/5…

Announcing the WordPress Superhero Challenge! Through Oct 14, 2024, we’re tripling top bounties to $31,200 for vulnerabilities in plugins/themes with 5M+ installs. Let’s secure the web together. #BugBounty #Wordfence #WordPress wordfence.com/blog/2024/08/e…

Last week, 127 vulnerabilities were disclosed in 110 #WordPress Plugins and 6 Themes, added to the Wordfence Database, with contributions from 46 researchers. Review the report to secure your site. wordfence.com/blog/2024/08/w…

Critical vuln found in InPost PL & InPost for WooCommerce plugins with 10K+ installs. Special thanks to the researcher who earned $450 through our Bug Bounty Program. Update to InPost PL 1.4.5 and delete the removed InPost for WooCommerce plugin now. wordfence.com/blog/2024/08/1…

On May 26, 2024, a PHP Object Injection to RCE vuln in GiveWP was reported. Wordfence users are protected. Update to version 3.14.2. Congrats to the researcher for their discovery and bounty. #BugBounty #WordPress wordfence.com/blog/2024/08/4…

A critical vulnerability in Litespeed Cache affecting 5M sites was just recently patched. Update to v6.4.1 ASAP. Premium, Care and Response users protected on Aug 20. Free users by Sept 19. We expect active exploitation soon. #WordPress wordfence.com/blog/2024/08/o…

Last week, 157 vulnerabilities were found in 124 WordPress plugins and 9 themes. 52 security researchers contributed. Review the latest report to secure your site. wordfence.com/blog/2024/08/w…

On June 19, 2024, a unique RCE vulnerability was found in WPML. All Wordfence users are currently protected. Update to version 4.6.13. #WordPress wordfence.com/blog/2024/08/1…

Last week, 79 vulnerabilities across 58 WordPress Plugins and 1 Theme were disclosed. 32 researchers contributed. Check out the full Wordfence Intelligence Weekly Vulnerability Report to safeguard your site. wordfence.com/blog/2024/08/w…

Vulnerability found in WP Job Portal plugin has been patched. Users are urged to update to version 2.1.7. Props to the researcher for responsible reporting through our bug bounty program. #WordPress wordfence.com/blog/2024/09/6…

Join the WordPress XSSplorer Challenge! From now until Oct 7, 2024, expanded Bug Bounty scope opens XSS vulnerabilities up for all researchers in plugins and themes with 1,000+ installs. #bugbounty #WordPress wordfence.com/blog/2024/09/w…

On July 24, 2024, a Remote Code Execution via Race Condition vulnerability in Bit File Manager was reported, impacting 20,000+ sites. Patched on 8/21. Update to v6.5.6. Kudos to the researcher and Bit Apps team for fast action. #WordPress #BugBounty wordfence.com/blog/2024/09/2…

Last week: 145 vulnerabilities in 100 WordPress plugins and 23 themes. Check the report now and secure your site. 46 researchers contributed. #CyberSecurity #WordPress #WebSecurity #DataProtection #InfoSec wordfence.com/blog/2024/09/w…

Beginner in bug bounty hunting? Check out our detailed guide on finding XSS vulnerabilities in WordPress. Improve your skills and join the WordPress XSSplorer Challenge until 10/7/24. #WordPress #BugBounty #XSS wordfence.com/blog/2024/09/h…

A critical file deletion vulnerability in the Sonaar MP3 Audio Player plugin was patched on Aug 27, 2024. Users must update to version 5.7.1 ASAP. Kudos to the bug bounty researcher. #WordPress #infosec #CyberSecurity wordfence.com/blog/2024/09/c…

Privilege Escalation found in Post Grid & Gutenberg Blocks plugins. Wordfence secured users on Aug 28. Patch available; update to version 2.2.91 ASAP. Thanks to the bug bounty researcher. wordfence.com/blog/2024/09/o…

44 vulnerabilities in 38 WordPress plugins were disclosed last week. No themes affected. 24 researchers contributed. Review the report to secure your site. #infosec #WordPress #CyberSecurity wordfence.com/blog/2024/09/w…