$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 22th, 2024, during our second Bug Bounty Extravaganza, w...

CVE-2023-5105

The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as wp-config.php...

Vulnerabilities fixed in Ivanti Secure Access Client

Ivanti has fixed vulnerabilities in Secure Access Client formerly Pulse Secure Desktop Client. A local malicious person could exploit the vulnerabilities to grant himself elevated privileges granted and thus execute code with potentially system privileges and/or gain access to sensitive data...