News
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 8, 2023 to May 14, 2023)
Last week, there were 139 vulnerabilities disclosed in 105 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 47 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with […]
Read MorePSA: Attackers Actively Exploiting Critical Vulnerability in Essential Addons for Elementor
On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. This vulnerability was discovered and responsibly disclosed by security researcher Rafie Muhammed. […]
Read MoreWordPress 6.2.1 Security & Maintenance Release
On May 16, 2023, the WordPress core team released a crucial update — WordPress 6.2.1. This latest security and maintenance release addresses a number of bug fixes and vulnerability patches, including an unauthenticated Directory Traversal vulnerability, unauthenticated Cross-Site Scripting vulnerability, and several other lower-severity vulnerabilities. To mitigate risk, we highly recommend verifying that your WordPress […]
Read MoreWordPress Core 6.2.1 Security & Maintenance Release – What You Need to Know
On May 16, 2023, the WordPress core team released WordPress 6.2.1, which contains patches for 5 vulnerabilities, including a Medium Severity Directory Traversal vulnerability, a Medium-Severity Cross-Site Scripting vulnerability, and several lower-severity vulnerabilities. These patches have been backported to every version of WordPress since 4.1. WordPress has supported automatic core updates for security releases since […]
Read MoreWebsites Defaced with Belarusian Bottled Water Company Content
It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with a hacker logo or some sort of political or religious message — are usually fairly run-of-the-mill and not particularly interesting. However, we’ve recently observed a rash of website defacements that […]
Read MoreWhat Is the Difference Between Malware And Virus? (Explained)
The terms virus and malware get thrown around and used interchangeably a lot. But are they the same thing? Not quite. Not all malware is a virus but all viruses are malware. So, what differentiates viruses from other malware? Understanding that difference can help you take the right measures to prevent an attack. You can […]
Read MoreTroubleshooting ERR_SSL_PROTOCOL_ERROR: How to Fix this Pesky Error in 6 Steps
As a website owner (and frequent website visitor), you might have encountered the notorious ERR_SSL_PROTOCOL_ERROR at least once. This Secure Sockets Layer (SSL) error occurs when the browser fails to establish a secure connection with the website, usually due to issues with the website’s SSL certificate or its configuration or the client’s browser. The error […]
Read MoreWordfence Intelligence Weekly WordPress Vulnerability Report (May 1, 2023 to May 7, 2023)
Last week, there were 58 vulnerabilities disclosed in 43 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 27 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with […]
Read MoreXjquery Wave of WordPress SocGholish Injections
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish scripts into compromised WordPress sites. A bit later, we documented minor changes in the way this malware worked. By the end of March, 2023, we started noticing a new wave […]
Read More