People of WordPress: Mario Peshev
You’ve probably heard that WordPress is open source software, and may know that it’s created and run by volunteers. Enthusiasts share many examples of how WordPress has changed people’s lives for the better. In this monthly series, we share some of those lesser-known,...Critical Vulnerabilities in the WP Lead Plus X WordPress Plugin
On March 3, 2020, our Threat intelligence team discovered a number of vulnerabilities in WP Lead Plus X, a WordPress plugin with over 70,000 installations designed to allow site owners to create landing and squeeze pages on their sites. These vulnerabilities allowed...Episode 72: WordPress 5.4 Released, Zoom Conferencing Safety & Security
This week, we look at the WordPress 5.4 release which includes turning distraction free editing on by default. We also look at new plugin vulnerabilities discovered by the Wordfence Threat Intelligence team, including those found in Rank Math and a Contact From 7...WordPress Security Updates: March 2020
These monthly reports are provided for the WordPress community at large from Pagely’s head of security, Robert Rowley. Rowley and the entire security team keep their finger on the pulse […] Source: Security FeedThe Month in WordPress: March 2020
The month of March was both a tough and exciting time for the WordPress open-source project. With COVID-19 declared a pandemic, in-person events have had to adapt quickly – a challenge for any community. March culminated with the release of WordPress 5.4, an...
Safety and Security While Video Conferencing with Zoom
With much of the world shifting to working from home due to public health concerns with COVID-19, video conferencing is booming. Businesses, and even schools, are turning to platforms such as Zoom, Microsoft Teams, Google hangouts and other technologies to stay...High Severity Vulnerability Leads to Closure of Plugin with Over 100,000 Installations
On April 1, 2020, the Wordfence Threat Intelligence team discovered a stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Datepicker, a WordPress plugin installed on over 100,000 sites. As the plugin developer’s github page indicated that the...
Say hello to WP 2FA – a new free WordPress two-factor authentication plugin
An administrator should be able to add two-factor authentication (2FA) to a WordPress site easily within minutes. The admin should also be able to configure policies to make 2FA compulsory, and users should be able setup 2FA without requiring any training or technical...