Erik Kraijenoord On June 24, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a Cross-Site Request Forgery vulnerability we discovered in Ecwid Ecommerce Shopping Cart, a WordPress plugin installed on over 30,000 sites. This vulnerability made it possible for attackers to modify some of the plugin’s more advanced settings via a forged request. … Read more
On July 8, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Download Manager,” a WordPress plugin that is installed on over 100,000 sites. This flaw makes it possible for an authenticated attacker to delete arbitrary files hosted on the server, provided they have access to create … Read more
A masterclass in eCommerce success, Gardyn is using WooCommerce and Trustpilot to boost confidence in their revolutionary indoor gardening system. See how. The post A “Gardyn” in Every Home — a WooCommerce + Trustpilot Success Story appeared first on WooCommerce.
The Log4j vulnerability, initially reported in November 2021, has affected millions of devices and applications around the world. It has the potential to allow a malicious actor to take full control of vulnerable devices. As a result of how Log4j controls the logging of strings and code, the vulnerability allows malicious actors to inject malicious … Read more
In this series, we share some of the inspiring stories of how WordPress and its global network of contributors can change people’s lives for the better. This month we feature Carla Doria, a customer support specialist from South America on how WordPress opened up a new world for her, and gave her the ability to … Read more
