2021 Mid-Year WordPress Security Report: A Collaboration Between Wordfence and WPScan

Wordfence has collaborated with WPScan to conduct a 2021 mid-year review on the state of WordPress security. Using attack data from Wordfence’s internal threat intelligence platform, and vulnerability data from WPScan’s vulnerability database, we were able to analyze the current trend of attacks on WordPress and assess the current state of WordPress security. In the... Read More
 

Examining Unique Magento Backdoors

During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution capabilities. The techniques used by the attackers in these backdoors illustrates the ever-changing landscape of website security and highlights some of the tactics used to avoid traditional backdoor detection. Reflection... Read More
 

Multiple Vulnerabilities Patched in WordPress Download Manager

On May 4, 2021, the Wordfence Threat Intelligence Team initiated the responsible disclosure process for WordPress Download Manager, a WordPress plugin installed on over 100,000 sites. We found two separate vulnerabilities, including a sensitive information disclosure as well as a file upload vulnerability which could have resulted in Remote Code Execution in some configurations. The... Read More
 

You’ve Found a Vulnerability! Now What? A Guide to Responsible Disclosure.

Information security researchers make a valuable contribution to our online security by finding vulnerabilities and facilitating getting them fixed. Wordfence has been finding and disclosing vulnerabilities in WordPress core, WordPress plugins, and WordPress themes since 2011. Our research has exposed vulnerabilities in the core infrastructure that powers WordPress, organized crime exploiting plugins for profit, and... Read More
 

Nulled WordPress Plugins – Dangers and Downsides

In our 2020 Threat Report, the Wordfence Threat Intelligence Team identified malware distributed via nulled, pirated, or counterfeit plugins and themes as one of the largest threats facing the WordPress ecosystem. Many site owners are unaware of the risks associated with using nulled plugins, and in many cases, they may not even be aware that... Read More
 

Vulnerable Plugin Exploited in Spam Redirect Campaign

Some weeks ago a critical unauthenticated privilege escalation vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. It also allows for arbitrary file uploads, which is where we have been seeing the infections start. This plugin has over 400,000 installations so we have seen a sustained campaign to infect sites with this plugin... Read More
 

Episode 125: Critical SQL Injection Vulnerability Patched in WooCommerce

A critical SQL injection vulnerability was discovered in WooCommerce, the most popular e-Commerce plugin used by over 5 million WordPress sites. The WordPress.org team pushed a forced security update ensuring that over 90 versions of WooCommerce were patched. The REvil ransomware gang targeted a zero-day vulnerability in Kaseya, used by many in the banking industry,... Read More
 

Critical SQL Injection Vulnerability Patched in WooCommerce

On July 14, 2021, WooCommerce released an emergency patch for a SQL Injection vulnerability reported by security researcher Thomas DeVoss (dawgyg). This vulnerability allowed unauthenticated attackers to access arbitrary data in an online store’s database. WooCommerce is the leading e-Commerce platform for WordPress and is installed on over 5 million websites. Additionally, the WooCommerce Blocks... Read More
 
1 51 52 53 54 55 107
Tap To Call