On March 16, 2020, LearnPress – WordPress LMS Plugin, a WordPress plugin with over 80,000 installations, patched a high-severity vulnerability…
Read StoryOn April 27, 2020, the Wordfence Threat Intelligence team discovered a Cross-Site Request Forgery(CSRF) vulnerability in Ninja Forms, a WordPress…
Read StoryOn May 6, 2020, our Threat Intelligence team received reports of active exploitation of vulnerabilities in two related plugins, Elementor…
Read StoryWordPress Core version 5.4.1 has just been released. Since this release is marked as a combined security and bug fix…
Read StoryStarting April 28th, we saw a 30 times increase in cross site scripting attack volume, originating from a single attacker,…
Read StoryOn Monday, May 4, 2020, the Wordfence Threat Intelligence team discovered two vulnerabilities present in Page Builder by SiteOrigin, a…
Read StoryThe WordPress Slimstat plugin, which currently has over 100k installs, allows your website to gather analytics data for your WordPress…
Read StoryThe open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing…
Read StoryOn May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin was disclosed to the public by the…
Read StoryThe WordPress plugin WP Statistics, which has an active installation base of 500k users, has an unauthenticated stored XSS vulnerability…
Read Story