Malware Scanning: An Essential Layer of Website Security

Wordfence recently launched Wordfence CLI, a high performance command line malware scanner, which makes use of our extensive set of malware detection signatures to rapidly scan file systems for infections. In recent years, the WordPress community has seen a shift in emphasis towards prevention, rather than detection, of security incidents. This reflects the increased adoption … Read more

Over 100,000 WordPress Websites Affected by XSS and SQLi Vulnerabilities in Slimstat Analytics Plugin

On August 24, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting (XSS) and a Blind SQL Injection vulnerability in the Slimstat Analytics plugin, which is actively installed on more than 100,000 WordPress websites. The vulnerability enables threat actors with contributor-level permissions or higher to inject … Read more

The Month in WordPress – August 2023

August 2023 marked another exciting chapter in WordPress, with the Community Summit and WordCamp US bringing the community together for meaningful discussions, knowledge sharing, and learning. This month also welcomed the long-awaited WordPress 6.3 release and offered a glimpse of what’s to come. Let’s dive into it. Meet WordPress 6.3 “Lionel” WordPress 6.3 “Lionel” was … Read more

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 28, 2023 to September 3, 2023)

Last week, there were 64 vulnerabilities disclosed in 61 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 32 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with … Read more