• Home
  • /Archive by category ' Fix WordPress '

Archive For: Fix WordPress

Malware Redirects WordPress Traffic to Harmful Sites

Recently, a customer approached us after noticing their website was redirecting visitors to a suspicious URL. They suspected their site had been compromised and sought assistance in identifying and resolving the issue. This prompted a deeper investigation into the infection and its behavior. What did we see? The website’s redirects were leading to hxxps://cdn1[.]massearchtraffic[.]top/sockets. Continue... Read More
 

Wordfence Bug Bounty Researchers: Unlock More Earning Potential With New “Refer A Researcher” Program

Today, we at Wordfence are excited to announce a groundbreaking addition to our Wordfence Bug Bounty Program: the Refer-A-Researcher Program! Refer new researchers to our program and earn commissions when they submit valid vulnerabilities. This is a great opportunity to earn even more with the Wordfence Bug Bounty Program – already the highest paying bug... Read More
 

Backdoors: The Hidden Threat Lurking in Your Website

Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a website’s backend. Often overlooked, backdoors allow cybercriminals to maintain access long after an initial breach. Understanding the risks they pose and how to mitigate them is essential for website owners... Read More
 

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 6, 2025 to January 12, 2025)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. Last week,... Read More
 

Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem

While investigating a compromised WordPress site, we discovered a malware infection causing Japanese spam links to appear in Google search results. Although the site had been cleaned, Google was still crawling and indexing spammy URLs, which impacted the site’s SEO and credibility. Japanese SEO Spam: A Common Threat Japanese SEO spam is a recurring issue... Read More
 

Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection

Recently, we released an article where a credit card skimmer was targeting checkout pages on a Magento site. Now we’ve come across sophisticated credit card skimmer malware while investigating a compromised WordPress website. This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment details. The malware... Read More
 

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 16, 2024 to January 5, 2025)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. Special Note:... Read More
 

Vulnerability & Patch Roundup — December 2024

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this... Read More
 

Vulnerability & Patch Roundup — November 2024

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this... Read More
 

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 9, 2024 to December 15, 2024)

Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with our End of Year Holiday Extravaganza, High-Risk Bonus Blitz Challenge, and Superhero Challenge for the Wordfence Bug Bounty Program. Through January 6th, 2025: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers... Read More
 
Tap To Call