WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

On May 20, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in WPDeveloper’s ReviewX plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an authenticated attacker to grant themselves administrative privileges via a user meta update. Wordfence …

Celebrating 20 Years of WordPress

You did it and I think congratulations are in order! You, dear WordPress enthusiast, have helped WordPress thrive for the past 20 years. It’s an incredible accomplishment, and I couldn’t be more thankful. Did you know: WordPress is seven years older than TikTok (2016), came four years before Tumblr (2007) and the first iPhone (2007), …

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)

Last week, there were 82 vulnerabilities disclosed in 59 WordPress Plugins and 11 WordPress themes, along with 6 in WordPress Core, that have been added to the Wordfence Intelligence Vulnerability Database, and there were 26 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site …

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

The Wordfence Threat Intelligence team has been monitoring an increase in attacks targeting a Cross-Site Scripting vulnerability in Beautiful Cookie Consent Banner, a WordPress plugin installed on over 40,000 sites. The vulnerability, which was fully patched in January in version 2.10.2, offers unauthenticated attackers the ability to add malicious JavaScript to a website, potentially allowing …