Category: Blog – Wordfence

The Wordfence Threat Intelligence team recently discovered an interesting malware variant that appears in the file system as a normal WordPress plugin containing a comment header, a handful of functions as well as a simple admin interface. Just like previous…

Read more →

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.  …

Read more →

On May 15th, 2025, we received a submission for an Arbitrary File Upload vulnerability in MasterStudy LMS Pro, a WordPress plugin with more than 15,000 estimated active installations. The MasterStudy Education WordPress theme from ThemeForest with more than 21,000 sales…

Read more →

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.  …

Read more →

The Wordfence Threat Intelligence team recently uncovered a sophisticated formjacking malware targeting WooCommerce sites. This malware injects a fake payment form into legitimate checkout processes and exfiltrates sensitive customer data to a remote Command & Control (C2) server. Unlike traditional…

Read more →

On May 2nd, 2025, we received a submission for a Privilege Escalation vulnerability in Motors, a WordPress theme with more than 22,000 sales. This vulnerability makes it possible for an unauthenticated attacker to change the password of any user, including…

Read more →

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.  …

Read more →

On March 29th, 2025, we received a submission for a Remote Code Execution vulnerability in UiPress lite, a WordPress plugin with over 10,000 active installations. This vulnerability can be leveraged to execute code remotely, which makes it possible for attackers…

Read more →

On April 26th, 2024, we received a submission for an authenticated PHP Object Injection vulnerability in Uncanny Automator, a WordPress plugin with more than 50,000 active installations. This vulnerability can be leveraged via an existing POP chain present in the…

Read more →

On May 4th, 2025, we received a submission for an Arbitrary File Upload vulnerability in TheGem, a WordPress theme with more than 82,000 sales. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to upload arbitrary…

Read more →

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.  …

Read more →

On April 6th, 2025, we received a submission for an Arbitrary File Read vulnerability in Eventin, a WordPress plugin with more than 10,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to read arbitrary files on the…

Read more →

On May 2nd, 2025 the Wordfence Threat Intelligence team added a new critical vulnerability to the Wordfence Intelligence vulnerability database in the OttoKit: All-in-One Automation Platform (Formerly SureTriggers) plugin publicly disclosed by a third-party CNA on April 30th, 2025. This…

Read more →

Welcome to Part 3 of the WordPress Security Research Beginner Series! If you haven’t yet, take a minute to check out the series introduction to get a sense of what this series is all about. You’ll also want to catch…

Read more →

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.  …

Read more →

Today, we’re examining Wordfence’s vulnerability data for 2024 and 2025, and comparing it to other WordPress Certified Numbering Authorities (CNAs) and vulnerability data providers. This report will demonstrate why Wordfence is the undisputed leader in WordPress vulnerability intelligence and WordPress…

Read more →

The Wordfence Threat Intelligence team recently discovered an interesting malware variant that appears in the file system as a normal WordPress plugin, often with the name ‘WP-antymalwary-bot.php’, and contains several functions that allow attackers to maintain access to your site,…

Read more →

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.  …

Read more →

On April 14th, 2025, we received a submission for an Arbitrary File Upload vulnerability in Greenshift, a WordPress plugin with more than 50,000 active installations. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to upload…

Read more →

On April 14th, 2025, we received a submission for an Arbitrary File Upload vulnerability in Greenshift, a WordPress plugin with more than 50,000 active installations. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to upload…

Read more →