4,000,000 WordPress Sites Using Really Simple Security Free and Pro Versions Affected by Critical Authentication Bypass Vulnerability

Introductory Note: This is one of the more serious vulnerabilities that we have reported on in our 12 year history as a security provider for WordPress. This vulnerability affects Really Simple Security, formerly known as Really Simple SSL, installed on over 4 million websites, and allows an attacker to remotely gain full administrative access to … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 4, 2024 to November 10, 2024)

Calling all superheroes and hunters! Introducing the End of Year Holiday Extravaganza and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through December 9th, 2024: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers All plugins and themes with 50-999 active installs hosted in the WordPress.org … Read more

WordPress 6.7 “Rollins”

Each WordPress release celebrates an artist who has made an indelible mark on the world of music. WordPress 6.7, code-named “Rollins,” pays tribute to the legendary jazz saxophonist Sonny Rollins. Known as one of the greatest improvisers and pioneers in jazz, Rollins has influenced generations of musicians with his technical brilliance, innovative spirit, and fearless … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 28, 2024 to November 3, 2024)

Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers Top-tier researchers earn automatic bonuses of between 10% to 120% for valid … Read more