WordPress Vulnerability Roundup: February 2021, Part 1
New WordPress plugin and theme vulnerabilities were disclosed during the first half of February. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The...
WordPress 5.7 Beta 2
WordPress 5.7 Beta 2 is now available for testing! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with it. You can test the WordPress 5.7 Beta 2 in two ways:...
Optimizing Performance and Behavior with WordPress and the Sucuri WAF
Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing even better than dedicated CDNs based on recent tests. CDNs can significantly help speed up...WordPress Security Updates: January 2021
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […] Source: Security FeedSevere Vulnerabilities Patched in NextGen Gallery Affect over 800,000 WordPress Sites
On December 14, 2020, the Wordfence Threat Intelligence team finished researching two Cross-Site Request Forgery (CSRF) vulnerabilities in NextGen Gallery, a WordPress plugin with over 800,000 installations, including a critical severity vulnerability that could lead...People of WordPress: Pooja Derashri
WordPress is open source software, maintained by a global network of contributors. There are many examples of how WordPress has changed people’s lives for the better. In this monthly series, we share some of the amazing stories that are lesser-known. Pooja Derashri...Episode 103: Wordfence Innovates with Machine Learning and Security for Schools
Wordfence opens the K-12 site audit and site cleaning service for publicly funded state schools worldwide. Machine learning is now a big part of our malware identification process, which will speed new malware signatures to deployment for WordPress sites protected by...