Tag: Blog – Wordfence

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…

Read more →

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…

Read more →

On February 4th, 2026, we received a submission for an SQL Injection vulnerability in Ally, a WordPress plugin estimated to have more than 400,000 active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as…

Read more →

On December 30th, 2025, we received a submission for an Authentication Bypass vulnerability in Tutor LMS Pro, a WordPress plugin estimated to have more than 30,000 active installations. The vulnerability makes it possible for an unauthenticated attacker to gain access…

Read more →

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…

Read more →

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…

Read more →

Last month in January 2026, the Wordfence Bug Bounty Program received 897 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by…

Read more →

🔥🔥🔥 Triple Threat Bug Bounty Challenge 🔥🔥🔥 Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026, earn three stacked bonuses on all valid submissions from our ‘High Threat Vulnerabilities’ list: 💰 2x all high threat vulnerability bounties (excluding 5,000,000+ installs) 📈 +30% bonus for…

Read more →

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…

Read more →

On January 12th, 2026, we received a submission for an Arbitrary File Upload vulnerability in WPvivid Backup, a WordPress plugin with more than 800,000 active installations. This vulnerability can be used by unauthenticated attackers to upload arbitrary files to a…

Read more →

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…

Read more →

This regular report highlights trends and changes in the WordPress security landscape, empowering you as a site owner to proactively protect your website against current vulnerabilities and threats, and to better understand the protections Wordfence provides through it’s robust threat…

Read more →

In 2022, Wordfence introduced a completely free vulnerability database to support the WordPress security community. We made sure that included completely free access to the Wordfence Intelligence Vulnerability Database API on the founded belief that WordPress vulnerability information should be…

Read more →

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…

Read more →

Last month in December 2025, the Wordfence Bug Bounty Program received 759 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by…

Read more →

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…

Read more →

On January 12th, 2026, we received a submission for a Backdoor vulnerability in the LA-Studio Element Kit for Elementor, a WordPress plugin with more than 20,000+ active installations. This vulnerability makes it possible for an unauthenticated attacker to create malicious…

Read more →

On December 10th, 2025, we received a submission for a Privilege Escalation vulnerability in Advanced Custom Fields: Extended, a WordPress plugin with more than 100,000+ active installations. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative…

Read more →

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…

Read more →

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…

Read more →