Wordfence Intelligence Weekly WordPress Vulnerability Report (September 30, 2024 to October 6, 2024)

Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers Top-tier researchers earn automatic bonuses of between 10% to 120% for valid... Read More
 

Get Spooked By Huge Scope and Rewards in the Wordfence Bug Bounty Cybersecurity Month Spooktacular Haunt!

Calling all vulnerability researchers! Get ready to immerse yourselves in the world of WordPress security with the Wordfence Cybersecurity Month Spooktacular Haunt, running from now through November 11th, 2024! What’s Happening During This Cybersecurity Month Spooktacular Haunt? In celebration of Cybersecurity Awareness Month and the ‘Secure Our World‘ theme for this year, we’re brewing up some... Read More
 

7,000 WordPress Sites Affected by Unauthenticated Critical Vulnerabilities in LatePoint WordPress Plugin

🦸 👻 Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers Top-tier researchers earn automatic bonuses of between 10% to 120%... Read More
 

Unraveling Authentication and Authorization in Web Security

Authentication and authorization – they sound alike, often get used interchangeably, and are absolutely crucial for web application security. But let’s be real, getting them right can sometimes feel like navigating a maze. Don’t worry, we’ll break down these concepts, highlight common vulnerabilities, and arm you with best practices to keep your applications secure. Authentication... Read More
 

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 23, 2024 to September 29, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with >=1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024, researchers can earn up to $31,200, for all... Read More
 

8,000 WordPress Sites affected by Arbitrary File Upload Vulnerability in WP Hotel Booking WordPress Plugin

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with >=1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024, researchers can earn up to $31,200, for... Read More
 

WordPress Vulnerability & Patch Roundup September 2024

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this... Read More
 

A (Beta) Audio Roundup of September’s WordPress Vulnerabilities

For those of you that want to stay abreast of the newest vulnerabilities in the WP ecosystem, but like to multitask, here’s an audio roundup of the vulnerabilities we published in the month of September. This is something new I’m trying. The conversation is AI generated by Google’s NotebookLM podcast generation feature which I find... Read More
 

How to Know if Your Website Is Hacked

Whether you manage a gaming blog, an e-commerce platform, or an enterprise-level website you probably want to be able to detect infections when they occur. A hacked website can lead to financial loss, disruption of business operations, and the exposure of confidential information. The key is acting fast once you discover possible compromise. But how... Read More
 

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 16, 2024 to September 22, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with >=1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024, researchers can earn up to $31,200, for all... Read More
 
Tap To Call