Last week, WP Busters released its first plugin titled Passwordless WP. It is a project from full-stack developer Ilya Zolotov that allows end-users to log into their WordPress websites via[…]
WordPress.org has pushed out a forced security update for the Loginizer plugin, which is active on more than 1 million websites. The plugin offers brute force protection in its free[…]
On this week’s episode of Think Like a Hacker, we chat about the cross-site request forgery (CSRF) vulnerability found in the Child Theme Creator by Orbisius and how attackers could[…]
On September 9, 2020, our Threat Intelligence team discovered a vulnerability in Child Theme Creator by Orbisius, a WordPress plugin installed on over 30,000 sites. This flaw gave attackers the[…]
Malicious third parties can gain access to your site through your dashboard. In this post, we show you how to protect your WordPress admin area!
These WordPress vulnerabilities statistics highlight how important it is to always run the latest version of WordPress core, WordPress plugins and themes.
A vulnerability discovered by the Wordfence Threat Intelligence team in the WPBakery plugin exposes over 4 million sites. High severity vulnerabilities were discovered in the Post Grid and Team Showcase[…]
On July 27th, our Threat Intelligence team discovered a vulnerability in WPBakery, a WordPress plugin installed on over 4.3 million sites. This flaw made it possible for authenticated attackers with[…]
We initially reached out to the plugin’s developer, PickPlugins, on September 16, 2020 and provided full disclosure the next day. Patches for both plugins were made available only a few[…]
WordPress security logs are a great way to keep track of security events on your website. In this post, we cover how to use WordPress security logging.
Learn what WordPress user roles are, how to customise and make sure they’re not impacting the security for your site with some plugins.
On August 14, our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites. This flaw gave authenticated attackers, with[…]
Securing WordPress websites from hackers and hardening its security is a crucial step towards your journey of working with the software. WordPress security vulnerabilities need to be overcome so that hackers cannot[…]