Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation

On May 2nd, 2025 the Wordfence Threat Intelligence team added a new critical vulnerability to the Wordfence Intelligence vulnerability database in the OttoKit: All-in-One Automation Platform (Formerly SureTriggers) plugin publicly disclosed by a third-party CNA on April 30th, 2025. This vulnerability makes it possible for unauthenticated attackers to gain administrative level access to vulnerable sites, … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 21, 2025 to April 27, 2025)

In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.   Last week, there were 230 vulnerabilities disclosed in 197 WordPress Plugins and 14 WordPress Themes that … Read more

Wordfence: The World’s Leading Quality WordPress Vulnerability Intelligence Provider

On April 8th, 2024, we released our 2024 Annual WordPress Security Report, highlighting key trends and insights across the evolving landscape of WordPress security. Today, we want to shine a spotlight on Wordfence’s contributions through our Bug Bounty Program, and reaffirm our commitment to high-quality vulnerability research, respectful and responsible disclosure, and free, high-impact vulnerability … Read more

Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin

📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.   The Wordfence Threat Intelligence team recently discovered an interesting malware variant that appears in the … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 14, 2025 to April 20, 2025)

In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond.   Last week, there were 252 vulnerabilities disclosed in 215 WordPress Plugins and 15 WordPress Themes that … Read more