Lucene search
K
WordfenceMost viewed

522 matches found

Wordfence Blog
Wordfence Blog
added 2023/03/22 3:55 p.m.66 views

Multiple Reflected Cross-Site Scripting Vulnerabilities in Three WordPress Plugins Patched

The Wordfence Threat Intelligence Team recently disclosed several Reflected Cross-Site Scripting vulnerabilities that we discovered in three different plugins - Watu Quiz installed on 5,000 sites, GN-Publisher installed on 40,000 sites, and Japanized For WooCommerce installed on 10,000 sites. As...

7AI score0.0126EPSS
Exploits5
Wordfence Blog
Wordfence Blog
added 2023/03/14 4:1 p.m.66 views

Vulnerability Patched in Cozmolabs Profile Builder Plugin – Information Disclosure Leads to Account Takeover

Hundreds, if not thousands of WordPress plugins are conceived with the idea of making site building and maintenance easier for site owners. They add features not available in WordPress Core that would otherwise require site owners to write their own code to extend functionality. However, these...

7AI score0.00769EPSS
Exploits2
Wordfence Blog
Wordfence Blog
added 2023/10/13 9:44 p.m.65 views

PSA: Critical Unauthenticated Arbitrary File Upload Vulnerability in Royal Elementor Addons and Templates Being Actively Exploited

Update: Wordfence has released a malware detection signature for wp.ph$p to Wordfence Premium, Wordfence Care, Wordfence Response, and the paid tiers of Wordfence CLI as of Monday, October 16, 2023. Today, on October 13, 2023, the Wordfence Threat Intelligence Team became aware of a vulnerability...

7.5CVSS7.7AI score0.81695EPSS
Exploits18
Wordfence Blog
Wordfence Blog
added 2023/03/01 4:0 p.m.65 views

Wordfence WooCommerce 2FA: Set Up This New Feature To Protect Your Customers

On February 15, we made the exciting announcement that the latest release of Wordfence, version 7.9.0, includes a new feature: WooCommerce 2FA two-factor authentication for customer level users. What does this mean for you as an e-commerce store operator? And how can you start using this feature?...

7.4AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2024/08/15 5:14 p.m.64 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 5, 2024 to August 11, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 14th, researchers can earn up to $31,200, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and ...

10CVSS9.5AI score0.04624EPSS
Exploits21
Wordfence Blog
Wordfence Blog
added 2024/06/20 1:40 p.m.64 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 10, 2024 to June 16, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...

10CVSS9.3AI score0.56209EPSS
Exploits14
Wordfence Blog
Wordfence Blog
added 2024/05/06 3:4 p.m.64 views

$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 22th, 2024, during our second Bug Bounty Extravaganza, w...

6.1CVSS6.2AI score0.00832EPSS
Exploits2
Wordfence Blog
Wordfence Blog
added 2024/04/15 3:0 p.m.64 views

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 25th, 2024, during our second Bug Bounty Extravaganza, w...

7.5CVSS8.5AI score0.80596EPSS
Exploits4
Wordfence Blog
Wordfence Blog
added 2022/04/13 4:36 p.m.64 views

Critical Remote Code Execution Vulnerability in Elementor

On March 29, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for a critical vulnerability in the Elementor plugin that allowed any authenticated user to upload arbitrary PHP code. Elementor is one of the most popular WordPress plugins and is installed on over 5 milli...

6.5CVSS0.6AI score0.92658EPSS
Exploits10
Wordfence Blog
Wordfence Blog
added 2025/03/06 5:6 p.m.63 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 24, 2025 to March 2, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

6.4CVSS10AI score0.03858EPSS
Exploits20
Wordfence Blog
Wordfence Blog
added 2025/01/30 4:4 p.m.63 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 20, 2025 to January 26, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.9CVSS10AI score0.32467EPSS
Exploits18
Wordfence Blog
Wordfence Blog
added 2024/01/18 2:52 p.m.62 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 8, 2024 to January 14, 2024)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 67 vulnerabilities disclosed in 60 WordPress Plugins and no WordPress themes that have been added to the Wordfence...

7.5CVSS9.2AI score0.90339EPSS
Exploits15
Wordfence Blog
Wordfence Blog
added 2025/01/16 4:12 p.m.61 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 6, 2025 to January 12, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

10CVSS10AI score0.47137EPSS
Exploits58
Wordfence Blog
Wordfence Blog
added 2024/05/09 4:49 p.m.61 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 164 vulnerabilities disclosed in 145 WordPres...

9.8CVSS9.7AI score0.01558EPSS
Exploits26
Wordfence Blog
Wordfence Blog
added 2023/08/07 1:18 p.m.61 views

Demystifying the WordPress Vulnerability Landscape: 2023 Mid-Year Wordfence Intelligence WordPress Vulnerability Review Leveraging ChatGPT

In the first 6 months of 2023, our team has already added 2,4711 individual vulnerability records to the Wordfence Intelligence WordPress Vulnerability Database. These vulnerabilities affected 1,6802 WordPress software components. This means we have already surpassed the total number of...

9.1AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/04/24 1:46 p.m.60 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 14, 2025 to April 20, 2025)

In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. Last week, there were 259 vulnerabilities disclosed in 222 WordPress...

10CVSS9.9AI score0.13265EPSS
Exploits16
Wordfence Blog
Wordfence Blog
added 2024/07/11 3:9 p.m.60 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 1, 2024 to July 7, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...

9.9CVSS9.6AI score0.02836EPSS
Exploits11
Wordfence Blog
Wordfence Blog
added 2024/10/17 3:27 p.m.59 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 7, 2024 to October 13, 2024)

Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024: All in-scope vulnerability types for WordPress plugins/themes with = 1,000 active installations are...

9.9CVSS9.5AI score0.92319EPSS
Exploits18
Wordfence Blog
Wordfence Blog
added 2024/01/25 2:37 p.m.59 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 15, 2024 to January 21, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 84 vulnerabilities disclosed in 67...

7.5CVSS8.9AI score0.02657EPSS
Exploits12
Wordfence Blog
Wordfence Blog
added 2023/09/28 1:18 p.m.59 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)

Last week, there were 42 vulnerabilities disclosed in 37 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 10 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...

5.8CVSS6.9AI score0.01219EPSS
Exploits11
Wordfence Blog
Wordfence Blog
added 2023/06/22 1:11 p.m.59 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 12, 2023 to June 18, 2023)

Last week, there were 60 vulnerabilities disclosed in 52 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 25 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...

6.8CVSS7.5AI score0.01683EPSS
Exploits23
Wordfence Blog
Wordfence Blog
added 2025/04/03 3:20 p.m.58 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 24, 2025 to March 30, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.9CVSS10AI score0.76761EPSS
Exploits37
Wordfence Blog
Wordfence Blog
added 2024/05/23 3:0 p.m.58 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 118 vulnerabilities disclosed in 90 WordPress...

10CVSS9.4AI score0.03345EPSS
Exploits34
Wordfence Blog
Wordfence Blog
added 2024/03/14 2:43 p.m.58 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 4, 2024 to March 10, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 74 vulnerabilities disclosed in 56 WordPress...

6.5CVSS8.9AI score0.26666EPSS
Exploits8
Wordfence Blog
Wordfence Blog
added 2024/05/21 1:1 p.m.57 views

The Wordfence Affiliate Program Officially Launches Today

Today, we are officially launching the Wordfence Affiliate Program. If you love securing WordPress and are passionate about helping make the Web a safer place, click here to apply to the program now. This is an exciting opportunity for us to give back to our incredible community who have been...

7.1AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2023/09/21 1:51 p.m.57 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)

Last week, there were 55 vulnerabilities disclosed in 46 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 15 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...

6.8CVSS8.7AI score0.06838EPSS
Exploits16
Wordfence Blog
Wordfence Blog
added 2023/09/19 1:48 p.m.57 views

Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks

On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations. We received a response three days later and sent over our fu...

7.8AI score0.0134EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2023/05/16 8:36 p.m.57 views

WordPress Core 6.2.1 Security & Maintenance Release – What You Need to Know

On May 16, 2023, the WordPress core team released WordPress 6.2.1, which contains patches for 5 vulnerabilities, including a Medium Severity Directory Traversal vulnerability, a Medium-Severity Cross-Site Scripting vulnerability, and several lower-severity vulnerabilities. These patches have been...

5.8CVSS6.9AI score0.79527EPSS
Exploits7
Wordfence Blog
Wordfence Blog
added 2022/01/19 2:55 p.m.57 views

Unauthenticated XSS Vulnerability Patched in HTML Email Template Designer Plugin

On December 23, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “WordPress Email Template Designer – WP HTML Mail”, a WordPress plugin that is installed on over 20,000 sites. This flaw made it possible for an...

4.3CVSS6.9AI score0.70511EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2025/07/31 5:9 p.m.56 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 21, 2025 to July 27, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

9.9CVSS10AI score0.01567EPSS
Exploits8
Wordfence Blog
Wordfence Blog
added 2024/08/08 3:35 p.m.56 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 29, 2024 to August 4, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...

9.8CVSS8.9AI score0.0269EPSS
Exploits9
Wordfence Blog
Wordfence Blog
added 2024/04/02 3:15 p.m.55 views

$5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin

On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in LayerSlider, a WordPress plugin with more than 1,000,000 estimated active installations. This vulnerability can be leveraged to extract sensitive data fro...

5CVSS9.9AI score0.18402EPSS
Exploits1
Wordfence Blog
Wordfence Blog
added 2023/10/25 2:32 p.m.55 views

Several Critical Vulnerabilities Patched in AI ChatBot Plugin for WordPress

On September 28, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for multiple vulnerabilities in AI ChatBot, a WordPress plugin with over 4,000 active installations. After making our initial contact attempt on September 28th, 2023, we received a response ...

7.5CVSS8.7AI score0.06888EPSS
Exploits5
Wordfence Blog
Wordfence Blog
added 2025/02/27 3:56 p.m.54 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 17, 2025 to February 23, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.8CVSS10AI score0.25991EPSS
Exploits43
Wordfence Blog
Wordfence Blog
added 2024/12/12 3:38 p.m.54 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 2, 2024 to December 8, 2024)

Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with ourEnd of Year Holiday Extravaganza , High-Risk Bonus Blitz Challenge , and Superhero Challenge for the Wordfence Bug Bounty Program. Through January 6th, 2025: All in-scope vulnerability types for...

10CVSS9.9AI score0.15043EPSS
Exploits23
Wordfence Blog
Wordfence Blog
added 2026/06/16 4:29 p.m.53 views

PSA: Supply Chain Compromise Targets ShapedPlugin, Backdoored Pro Plugins Distributed via Official Channels

The Wordfence Threat Intelligence Team was notified on June 11th, 2026 of a potential supply chain compromise affecting ShapedPlugin, a WordPress plugin vendor with over 400,000 active free plugin installations. Fortunately, Wordfence customers have already had malware signature detection for the...

10CVSS6.2AI score0.01656EPSS
Exploits3
Wordfence Blog
Wordfence Blog
added 2023/07/18 4:40 p.m.53 views

“Never Assume Anything” – Unauthenticated Stored Cross-Site Scripting Vulnerability Exposed in 14 Email Logging Plugins

“Never Assume Anything” – that is the 4th Guiding Principle written in the Security section of the WordPress Common APIs Handbook for developers. When it comes to WordPress plugin security, assumptions can be dangerous. This became evident when the Wordfence Threat Intelligence team discovered an...

5.8CVSS5.6AI score0.00654EPSS
Exploits0
Wordfence Blog
Wordfence Blog
added 2024/02/15 4:21 p.m.52 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 5, 2024 to February 11, 2024)

Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 95 vulnerabilities disclosed in 65...

7.5CVSS9AI score0.56567EPSS
Exploits7
Wordfence Blog
Wordfence Blog
added 2024/01/30 9:41 p.m.52 views

The WordPress 6.4.3 Security Update – What You Need to Know

Today, January 30, 2024, WordPress released version 6.4.3, which contains two security patches for longstanding, albeit minor, security concerns in WordPress Core. The first patch addresses an issue that allows users with Administrator or Super Administrator on Multisite privileges to upload PHP...

7.4AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2023/12/04 2:42 p.m.51 views

Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution

🎁 Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today!🎁 On November 24,...

8AI score0.01448EPSS
Exploits1
Wordfence Blog
Wordfence Blog
added 2024/09/12 2:57 p.m.50 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 2, 2024 to September 8, 2024)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with =1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024 , r esearchers...

9.8CVSS9.5AI score0.83178EPSS
Exploits17
Wordfence Blog
Wordfence Blog
added 2023/12/21 3:25 p.m.49 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 11, 2023 to December 17, 2023)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 16 vulnerabilities disclosed in 16 WordPress Plugins and no WordPress themes that have been added to the Wordfence...

7.5CVSS7.8AI score0.97846EPSS
Exploits18
Wordfence Blog
Wordfence Blog
added 2023/12/11 6:23 p.m.49 views

Critical Unauthenticated Remote Code Execution Found in Backup Migration Plugin

Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! The researcher who reported this vulnerability was awarded $2,751.00! Register as a...

7.5CVSS9.4AI score0.97846EPSS
Exploits14
Wordfence Blog
Wordfence Blog
added 2023/08/10 12:42 p.m.49 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023)

Last week, there were 29 vulnerabilities disclosed in 24 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 18 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...

7.5CVSS8.6AI score0.01239EPSS
Exploits18
Wordfence Blog
Wordfence Blog
added 2021/09/01 2:13 p.m.49 views

Over 1 Million Sites Affected by Gutenberg Template Library & Redux Framework Vulnerabilities

On August 3, 2021, the Wordfence Threat Intelligence team initiated the disclosure process for two vulnerabilities we discovered in the Gutenberg Template Library & Redux Framework plugin, which is installed on over 1 million WordPress sites. One vulnerability allowed users with lower permissions...

5CVSS0.28961EPSS
Exploits7
Wordfence Blog
Wordfence Blog
added 2026/06/04 9:5 p.m.48 views

Quarterly WordPress Threat Intelligence Report – Q1 2026

As the leader in WordPress security, Wordfence provides unparalleled security coverage that fully encompasses protection, active monitoring, detection, and response all built around our threat intelligence, demonstrating a strong commitment to security. Our mission is to ensure comprehensive...

5.8AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/03/20 3:7 p.m.48 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 10, 2025 to March 16, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.8CVSS9.4AI score0.54756EPSS
Exploits14
Wordfence Blog
Wordfence Blog
added 2025/02/13 3:34 p.m.48 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 3, 2025 to February 9, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.8CVSS9.8AI score0.00775EPSS
Exploits27
Wordfence Blog
Wordfence Blog
added 2024/09/19 3:42 p.m.48 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 9, 2024 to September 15, 2024)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with =1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024 , r esearchers...

10CVSS9.6AI score0.63134EPSS
Exploits18
Wordfence Blog
Wordfence Blog
added 2023/10/12 9:58 p.m.48 views

WordPress 6.3.2 Security Release – What You Need to Know

WordPress Core 6.3.2 was released today, on October 12, 2023. It includes a number of security fixes and additional hardening against commonly exploited vulnerabilities. While all of the vulnerabilities are of Medium severity, several of them are impactful enough to potentially allow site takeove...

8.1AI score
Exploits0
Total number of security vulnerabilities522