News
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)
Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 190 vulnerabilities disclosed in 155 WordPress Plugins and 2 WordPress Themes that have been added […]
Read MoreMalCare Ensures Unmatched Protection Against User Registration Privilege Escalation Vulnerability
Imagine discovering that your WordPress site, which should be secure and under strict control, has suddenly become accessible to unauthorized users who have the same administrative powers as you. This nightmare scenario was recently made possible for users of the popular User Registration plugin, which suffered from a critical privilege escalation vulnerability. This breach meant […]
Read More$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin
🎉 Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 14th, 2024, during our Bug Extravaganza, we received a submission for an Arbitrary Options Update […]
Read MoreMalCare Ensures Proactive Protection Against WP-Members XSS Vulnerability
MalCare continues to protect its customer sites from all kinds of attacks, even the ones exploiting zero-day vulnerabilities. The recent stored cross-site scripting (XSS) vulnerability found in the WP-Members Membership plugin is yet another example of the proactive protection provided by our robust Atomic Security firewall. The WP-Members XSS vulnerability presents a very high chance […]
Read More$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin
🎉 Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 9th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege […]
Read MoreTop 9 ManageWP Alternatives To Manage Multiple Sites Easily [Reviewed]
ManageWP is a popular name in the WordPress maintenance plugins market. People love how much you get for a free plan, how easy it is to set up, and how intuitive the dashboard is. Unfortunately, that is where the good news ends. Once we started to test them, we were quickly looking for ManageWP’s alternatives. […]
Read MoreWordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)
Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 202 vulnerabilities disclosed in 185 WordPress Plugins, 21 WordPress Themes, and one in WordPress Core […]
Read MoreMalCare Proactively Defends Against Icegram Express SQL Injection Vulnerability
MalCare’s recent data has revealed numerous attempts to exploit a newly found SQL injection vulnerability in the Icegram Express plugin. Attackers commonly use this sophisticated SQL injection technique to extract data from vulnerable databases. This vulnerability is particularly dangerous because it’s easy to attack—no special permissions or user roles are needed. This means that even […]
Read MoreAtomic Security’s Deep WordPress Integration Helps Protect Against Core XSS Vulnerability
The recent WordPress core vulnerability is a critical one, primarily because of two reasons. Firstly, it affects the WordPress core itself, which means that every WordPress site is vulnerable to these XSS attacks. Put this in the context of 44% sites on the Internet running on WordPress, and you see the scale of the issue […]
Read More