Lucene search
+L
WordfenceMost viewed

523 matches found

Wordfence Blog
Wordfence Blog
added 2025/10/20 4:41 p.m.9 views

Malware Using Variable Functions and Cookies For Obfuscation

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🚀 Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,2...

8AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/09/09 3:38 p.m.9 views

The Price of ‘Free’: How Nulled Plugins Are Used to Weaken Your Defense

The Wordfence Threat Intelligence Team has discovered a new malware campaign that highlights the hidden risks associated with "nulled plugins", or premium plugins that have been tampered with by third parties. This campaign is particularly concerning because it doesn't just infect websites: it...

7.2AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/08/25 4:31 p.m.9 views

15,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Dokan Pro WordPress Plugin

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🌞 Spring into Summer with Wordfence! Now through September 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

8.8CVSS8.3AI score0.00414EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/08/22 4:3 p.m.9 views

Wordfence Bug Bounty Program Monthly Report – July 2025

Last month in July 2025, the Wordfence Bug Bounty Program received 325 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence...

9.4AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/03/31 4:26 p.m.9 views

20,000 WordPress Sites Affected by Arbitrary File Upload and Deletion Vulnerabilities in WP Ultimate CSV Importer WordPress Plugin

📢Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

8.8CVSS7.7AI score0.01105EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2022/10/06 7:1 p.m.9 views

National Cyber Security Awareness Month: You Could Be the Biggest Threat to Your WordPress Site

October is National Cyber Security Awareness Month in the U.S., and this year’s theme is “See Yourself in Cyber.” What is really being said by this theme is that we all have a role to play in cyber security, whether we work in the industry or not. With this in mind, the Cybersecurity and...

7.6AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2026/05/21 4:40 p.m.8 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 11, 2026 to May 17, 2026)

Last week, there were 78 vulnerabilities disclosed in 62 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities i...

6AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/12/10 4:56 p.m.8 views

Wordfence Bug Bounty Program Monthly Report – November 2025

Last month in November 2025, the Wordfence Bug Bounty Program received 746 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfen...

7.8AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/04/16 4:36 p.m.8 views

6,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin

📢Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.8CVSS8.2AI score0.01591EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2026/05/06 4:39 p.m.7 views

Authenticated Arbitrary File Upload Vulnerability Patched in Slider Revolution 7 WordPress Plugin

On April 18th, 2026, we received a submission for an Authenticated Arbitrary File Upload vulnerability in Slider Revolution, a WordPress plugin. Although the plugin has more than 5,000,000 active installations, we estimate that only around 45,000 sites are using a vulnerable version, as the issue...

8.8CVSS6.6AI score0.00815EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/10/29 7:14 p.m.7 views

Attackers Actively Exploiting Critical Vulnerability in WP Freeio Plugin

On September 25th, 2025, we received a submission for a Privilege Escalation vulnerability in WP Freeio, a WordPress plugin bundled in the Freeio premium theme with more than 1,700 sales. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative...

9.8CVSS6.8AI score0.00577EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/10/28 3:54 p.m.7 views

100,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Anti-Malware Security and Brute-Force Firewall WordPress Plugin

On October 3rd, 2025, we received a submission for an Arbitrary File Read vulnerability in Anti-Malware Security and Brute-Force Firewall, a WordPress plugin with more than 100,000 active installations. This vulnerability makes it possible for an authenticated attacker, with subscriber-level...

6.5CVSS5.6AI score0.00572EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/10/17 1:24 p.m.7 views

Wordfence Bug Bounty Program Monthly Report – September 2025

Last month in September 2025, the Wordfence Bug Bounty Program received 374 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the...

8.1AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/10/14 3:56 p.m.7 views

4,000,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Slider Revolution WordPress Plugin

Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...

6.5CVSS6.7AI score0.00496EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/07/09 4:5 p.m.7 views

200,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability in SureForms WordPress Plugin

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

8.1CVSS7.3AI score0.00984EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2024/09/17 6:27 p.m.7 views

GPU Hosting and Open Source AI Will Revolutionize or Kill WordPress

On the eve of WordCamp US 2024 we find ourselves in the midst of a revolution. It is perhaps the most profoundly transformative technology revolution our species has experienced in our short history in this Universe. In fundamental terms, since computers have existed we have been programming them...

7.2AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2022/02/18 3:48 p.m.7 views

Friday Fun: From Idea to Animated Film

Its Friday, and I thought wed have fun talking about something a little different. At Wordfence, one of my priorities is fostering a strong creative team and culture, and investing in creators. Emily Dalmas joined us as a full-time producer almost a year ago via her job as Associate Producer for...

7.2AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2026/04/06 4:1 p.m.6 views

50,000 WordPress Sites affected by Arbitrary File Upload Vulnerability in Ninja Forms – File Upload WordPress Plugin

On January 8th, 2026, we received a submission for an Arbitrary File Upload vulnerability in Ninja Forms - File Upload, a WordPress plugin with an estimated 50,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to upload arbitrary files to a vulnerable...

9.8CVSS6.7AI score0.54254EPSS
Exploits8
Wordfence Blog
Wordfence Blog
added 2025/10/15 2:1 p.m.6 views

Quarterly WordPress Threat Intelligence Report – Q3 2025

As the leader in WordPress security, Wordfence provides unparalleled security coverage that fully encompasses protection, active monitoring, detection, and response all built around our threat intelligence, demonstrating a strong commitment to security. Our mission is to ensure comprehensive...

8.1AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/07/01 4:33 p.m.6 views

600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability in Forminator WordPress Plugin

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our ‘High Threat’ list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

8.8CVSS7.2AI score0.10538EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2026/04/30 5:43 p.m.5 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)

Last week, there were 158 vulnerabilities disclosed in 123 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 69 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

6AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2024/09/30 5:13 p.m.5 views

A (Beta) Audio Roundup of September’s WordPress Vulnerabilities

For those of you that want to stay abreast of the newest vulnerabilities in the WP ecosystem, but like to multitask, here's an audio roundup of the vulnerabilities we published in the month of September. This is something new I'm trying. The conversation is AI generated by Google's NotebookLM...

7.3AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2026/03/26 3:39 p.m.4 views

800,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Smart Slider 3 WordPress Plugin

On February 23, 2026, we received a submission for an Arbitrary File Read vulnerability in Smart Slider 3, a WordPress plugin with an estimated more than 800,000 active installations. This vulnerability makes it possible for an authenticated attacker, with subscriber-level permissions or higher, ...

6.5CVSS7.5AI score0.00484EPSS
Exploits0
Total number of security vulnerabilities523