Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites

On August 10, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in the Donation Forms by Charitable plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative privileges by supplying a role … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 7, 2023 to August 13, 2023)

Last week, there were 86 vulnerabilities disclosed in 68 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with … Read more

WP20 – A Heartfelt Thanks

Earlier this year, WordPressers around the globe united to celebrate 20 years of community and innovation. There were parties, blogs, videos, and social media posts aplenty. And, of course, the trending hashtag, “#WP20”. Throughout April and May, community members reflected on their journeys – what brought them to WordPress and its personal meaning. The stories, … Read more