Wordfence Intelligence Weekly WordPress Vulnerability Report (April 28, 2025 to May 4, 2025)

In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.   Last week, there were 75 vulnerabilities disclosed in 63 WordPress Plugins and 5 WordPress Themes that … Read more

Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation

On May 2nd, 2025 the Wordfence Threat Intelligence team added a new critical vulnerability to the Wordfence Intelligence vulnerability database in the OttoKit: All-in-One Automation Platform (Formerly SureTriggers) plugin publicly disclosed by a third-party CNA on April 30th, 2025. This vulnerability makes it possible for unauthenticated attackers to gain administrative level access to vulnerable sites, … Read more

10,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Eventin WordPress Plugin

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.   On April 6th, 2025, we received a submission for an Arbitrary File Read vulnerability in … Read more