On July 23, 2020, our Threat Intelligence team discovered a vulnerability present in two themes by Elegant Themes, Divi and…
Read StoryOn July 13, 2020, our Threat Intelligence team was alerted to a recently patched vulnerability in Newsletter, a WordPress plugin…
Read StoryOn June 19th, our Threat Intelligence team discovered a vulnerability present in Comments – wpDiscuz, a WordPress plugin installed on…
Read StoryOn June 12, 2020, Wordfence Threat Intelligence discovered an unauthenticated stored Cross-Site Scripting(XSS) vulnerability in TC Custom JavaScript, a WordPress…
Read StoryDuring a routine audit of WordPress plugins last december, we discovered a Stored XSS vulnerability in the very popular Elementor…
Read StoryFixed Plugins and Vulnerabilities PluginVulnerabilityPatched VersionInstalls Duplicator Arbitrary File Download 1.3.28 1000000 Modula Image Gallery Authenticated Stored XSS 2.2.5 70000…
Read StoryFixed Plugins and Vulnerabilities PluginVulnerabilityPatched VersionInstalls Cookiebot Reflected Cross-Site Scripting 3.6.1 40000 Data Tables Generator By Supsystic Authenticated Stored XSS…
Read StoryRelevant Plugins and Vulnerabilities: PluginVulnerabilityPatched VersionInstalls Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket…
Read StoryRelevant Plugins and Vulnerabilities: PluginVulnerabilityPatched VersionInstalls WP Product Review Unauthenticated Stored XSS 3.7.6 40000 Form Maker by 10Web Authenticated SQL…
Read StoryDuring a routine research audit for our Sucuri Firewall, we discovered an Unauthenticated Persistent Cross-Site Scripting (XSS) affecting 40,000+ users…
Read Story