Archive For: WordPress Security
-
April 25, 2024
Categories:
-
Navigating the world of website security can feel like stepping into a minefield, especially when you have to navigate threats like zero-day vulnerabilities. Zero-days are security flaws that, worryingly, remain hidden from everyone involved — from dev teams and users, to even the most conscientious vulnerability researchers. In this post, we’ll take a look at... Read More
-
April 25, 2024
Categories:
-
Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 190 vulnerabilities disclosed in 155 WordPress Plugins and 2 WordPress Themes that have been added... Read More
-
April 23, 2024
Categories:
-
Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive information, including session tokens that authenticate users to a web application. By hijacking these cookies, attackers can impersonate users and gain unauthorized access to private accounts and sensitive data. Given... Read More
-
April 23, 2024
Categories:
-
???? Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 14th, 2024, during our Bug Extravaganza, we received a submission for an Arbitrary Options Update... Read More
-
April 19, 2024
Categories:
-
???? Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 9th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege... Read More
-
April 18, 2024
Categories:
-
Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The most interesting thing about that malware was how it used dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs. We’ve been tracking this campaign ever since —... Read More
-
April 18, 2024
Categories:
-
Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 202 vulnerabilities disclosed in 185 WordPress Plugins, 21 WordPress Themes, and one in WordPress Core... Read More
-
April 17, 2024
Categories:
-
???? Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 24th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an authenticated... Read More
-
April 16, 2024
Categories:
-
If you’re managing a WordPress site, it’s crucial to ensure it runs smoothly and securely. Many site owners worry that WordPress maintenance is a complex chore that requires a ton of technical expertise, but that’s not entirely true. This guide is here to show you the steps you can take on your own to help... Read More
-
April 15, 2024
Categories:
-
???? Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated... Read More
Tap To Call