News
Vulnerability Patched in Cozmolabs Profile Builder Plugin – Information Disclosure Leads to Account Takeover
Hundreds, if not thousands of WordPress plugins are conceived with the idea of making site building and maintenance easier for site owners. They add features not available in WordPress Core that would otherwise require site owners to write their own code to extend functionality. However, these well-intentioned plugins may sometimes contain seemingly innocuous bugs that […]
Read More
How to Know If You’re Under DDoS Attack
Nowadays, the term DDoS raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they might be familiar with the effects of getting DDoSed: an extremely sluggish, shut down, or dysfunctional website. In this article, we’ll focus on how to know if you’ve been DDoSed, how to spot […]
Read More
Wordfence Intelligence Weekly WordPress Vulnerability Report (Feb 27, 2023 to Mar 5, 2023)
Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence. This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring […]
Read More
PSA: Intentionally Leaving Backdoors in Your Code Can Lead to Fines and Jail Time
In the cybersecurity field, we talk a lot about threat actors and vulnerable code, but what doesn’t get discussed enough is intentional vulnerabilities and becoming your own threat actor. Even when making decisions with the best of intentions, it is possible to work against your own best interests. One area we see this in comes […]
Read More
Wordfence Intelligence: Because Community Created Vulnerabilities Are Community Property
Last August, at Black Hat 2022 in Las Vegas, we launched Wordfence Intelligence, a product designed to provide large enterprise customers with rich IP threat data, malware signatures, malware hashes, and vulnerability data to help keep enterprise customers and networks secure. Our mission at Wordfence is to secure the WordPress community, and to that end we […]
Read More
What is a Website Defacement?
Defacement is easily one the most obvious signs of a hacked website. In these attacks, bad actors gain unauthorized access to an environment and leave their mark through digital vandalism, altering its visual appearance or content in the process. In many cases, website defacements display social or political messages that are completely unrelated to the […]
Read More
14 Best WordPress Plugins for Blogs
As the most popular content management system in the world, WordPress has become a go-to platform for bloggers of all levels of experience. One of the reasons for its popularity is the vast array of plugins available to enhance the functionality and performance of your website. Whether you’re looking to improve your SEO, increase social […]
Read More
Top 10 WordPress Survey Plugins
Have you ever responded to a poll by an influencer you follow on social media? It’s a fun way to connect with other fans and the influencer themself. Surveys, questionnaires, and polls help you build that connection with your own audience and WordPress survey plugins make it easy to design the interfaces. WordPress questionnaire plugin […]
Read More
Magbo Spam Injection Encoded with hex2bin
We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but only when the website was accessed through links posted on FaceBook. Initially we thought that this must be a rogue ad coming through an otherwise legitimate advertising network but it […]
Read More