On March 20, 2023, the Wordfence Threat Intelligence team began the responsible disclosure process for two vulnerabilities in Shield Security, a security plugin with over 50,000 installations. One of these vulnerabilities allowed unauthenticated attackers to inject malicious JavaScript into an administrator dashboard in some configurations, while another allowed authenticated attackers to spoof log entries into … Read more
Last week, there were 152 vulnerabilities disclosed in 134 WordPress Plugins and 0 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 41 Vulnerability Researchers that contributed to WordPress Security last week. There were more unpatched vulnerabilities than patched last week, so it’s more important than ever to review … Read more
Last week, there were 77 vulnerabilities disclosed in 68 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 32 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with … Read more
Join WordPress Executive Director Josepha Haden Chomphosy in the 55th episode of the WordPress Briefing as she looks back at the 20 years of WordPress and how the open source community made WordPress what it is today. Have a question you’d like answered? You can submit them to wpbriefing@wordpress.org, either written or as a voice recording. … Read more
Each year, members of the WordPress community (users, site builders, extenders, and contributors) provide valuable feedback through an annual survey. For 2022, the survey received a comprehensive update, the first in six years. The total number of questions was reduced to 29 from nearly 100, socio-economic questions were mostly removed, and the Likert scale was … Read more
