PSA: Zero-Day Vulnerability in WPGateway Actively Exploited in the Wild

On September 8, 2022, the Wordfence Threat Intelligence team became aware of an actively exploited zero-day vulnerability being used to add a malicious administrator user to sites running the WPGateway plugin. We released a firewall rule to Wordfence Premium, Wordfence Care, and Wordfence Response customers to block the exploit on the same day, September 8, … Read more

PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin

Late evening, on September 6, 2022, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in BackupBuddy, a WordPress plugin we estimate has around 140,000 active installations. This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information. … Read more

The Month in WordPress – August 2022

August has been a busy month, with the redesign of WordPress.org, new localized content on Learn WordPress, and the WordPress 6.0.2 security and maintenance release. But that’s not all! Read on to catch up on the latest WordPress news. WordPress 6.1 walk-through scheduled for September 13, 2022 Save the date! A live interactive walk-through of … Read more

Generated by Feedzy