WordPress Vulnerability Report: June 2021, Part 3
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable...
WordPress 5.8 Beta 2
WordPress 5.8 Beta 2 is now available for testing! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with it. You can test the WordPress 5.8 Beta 2 in two ways:...
What is Malware and Why It Matters
What is malware? Malware is an umbrella term used to define malicious software (get it – MALicious softWARE) that’s leveraged to exploit a website’s weaknesses, with the intent of carrying out a number of harmful activities. When you look at malware as it...High Severity Vulnerability Patched in WooCommerce Stock Manager Plugin
On May 21, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in WooCommerce Stock Manager, a WordPress plugin installed on over 30,000 sites. This flaw made it possible for an attacker to...
Password Attacks 101
According to the 2020 Data Breaches report by Verizon, 25% of all breaches involved the use of stolen credentials. And for small businesses, that number hit 30%. Brute force attacks have a similar share, accounting for 18% of all breaches, and 34% of those for small...Malicious Attack Campaign Targeting Jetpack Users Reusing Passwords
The Wordfence Threat Intelligence and Site Cleaning teams have been tracking a malware campaign that redirects all site visitors to malvertising domains, while attempting to keep site administrators unaware of the infection. Since June 1, 2021, the number of sites we...Gutenberg Highlights
During WordCamp Europe this past Wednesday Matt and I gathered to discuss the latest developments of Gutenberg and to share a video with some of the current and upcoming highlights. The video is wonderfully narrated by @beafialho and it was a great opportunity to...
WordPress Vulnerability Report: June 2021, Part 2
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable...