Multiple Reflected Cross-Site Scripting Vulnerabilities in Three WordPress Plugins Patched

by

The Wordfence Threat Intelligence Team recently disclosed several Reflected Cross-Site Scripting vulnerabilities that we discovered in three different plugins – Watu Quiz (installed on 5,000 sites), GN-Publisher (installed on 40,000 sites), and Japanized For WooCommerce (installed on 10,000 sites). As with all Reflected Cross-Site Scripting vulnerabilities, these could be leveraged for a complete site takeover … Read more

Introducing the WordPress Developer Blog

by

With much activity happening in the WordPress development space every day, keeping up-to-date with the latest updates can be challenging. The new WordPress Developer Blog is a developer-focused resource to help you stay on top of the latest software features, tutorials, and learning materials relevant to the open source project. This blog is the culmination … Read more

WordPress 6.2 Release Candidate 3

by

It’s the final countdown: the third (and last) scheduled release candidate (RC3) for WordPress 6.2 is ready! The WordPress 6.2 release is scheduled for March 28, 2023—just one week away! Now is your last opportunity to test it before the general release.  Just tuning in now? Catch up on the featured highlights, and dig into … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (Mar 6, 2023 to Mar 12, 2023)

by

Last week, there were 60 vulnerabilities disclosed in 40 WordPress Plugins and 1 WordPress theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 16 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with … Read more