News
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 15, 2024 to January 21, 2024)
Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 84 vulnerabilities disclosed in 67 WordPress Plugins and 1 WordPress themes that have been […]
Read More
Fixing Website Hosting Issues: “This Account Has Been Suspended”
Experiencing a “This account has been suspended” warning on your website can be both confusing and alarming. This message means that your hosting provider has put your site on a temporary hold. The reasons for an account suspension can range from malware infections and spam content, excessive resource usage, unpaid web hosting bills, or policy […]
Read More
High Severity Arbitrary File Upload Vulnerability Patched in File Manager Pro WordPress Plugin
On December 14th, 2023, shortly after the launch of our Holiday Bug Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in File Manager Pro, a WordPress plugin with an estimated 10,000+ active installations. This vulnerability made it possible for authenticated attackers to create a PHP file that could contain malicious content and […]
Read More
Our Bug Bounty Program Extravaganza is Back and it’s Longer This Time – Earn up to $10,000 for Vulnerabilities in WordPress Software!
At Wordfence our mission is to Secure The Web. WordPress powers over 40% of the Web, and Wordfence secures over 4 million WordPress websites. Our last extravaganza, the Holiday Bug Extravaganza, was so successful we decided to do it again to kick off the New Year right. Introducing our New Year Bug Extravaganza! Through February […]
Read More
Introducing Wordfence CLI 3.0.1: Now With Automatic Remediation!
Note: This post refers to Wordfence CLI, the command line tool for operations teams to rapidly scan large numbers of WordPress websites for vulnerabilities and malware, not the Wordfence plugin which is deeply integrated into WordPress and provides additional functionality, like a firewall, two-factor authentication and more. We’re excited today to announce Wordfence CLI 3.0.1, […]
Read More
6 Best WordPress Activity Log Plugins Reviewed
As a WordPress site owner, you need to know what is happening on your site all the time: who has made what change when. An activity log plugin, as the name suggests, captures every action and event that occurs on your site. It is a great way to keep accountability, and can be an early […]
Read More
The Dangers of Lateral Movement & Website Cross Contamination
One of the most frequent problems that we observe in website hosting environments is “cross contamination” — the lateral movement of an attacker between websites. Cross-site contamination occurs when a site is infected by neighboring sites within the same hosting environment due to poor isolation on the server or account configuration. In this post we […]
Read More
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 8, 2024 to January 14, 2024)
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 67 vulnerabilities disclosed in 60 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 29 […]
Read More
How to Recover Your WordPress Account
Recovering access to a WordPress account can be incredibly frustrating. Perhaps you’ve changed developers and the new one can’t access wp-admin. Or someone has been careless and lost their credentials, the password reset link isn’t working, and you can’t log in, no matter what you have tried. The good thing is, it’s possible. We’ve tried […]
Read More