Over the course of 2020, and in the process of protecting over 4 million WordPress customers, the Wordfence Threat Intelligence team gathered a massive amount of raw data from attacks targeting WordPress and infection trends, in addition to the malware samples gathered by our Site Cleaning team. Attacks on WordPress can be categorized in three major categories, with malicious login attempts and vulnerability exploit attacks predictably leading the way. In a surprising trend, nulled plugin malware also staked its claim as a prominent intrusion vector.
Today, we are excited to announce that Wordfence is authorized by the Common Vulnerabilities and Exposures (CVE®) Program as a CNA, or CVE Numbering Authority. As a CNA, Wordfence can now assign CVE IDs for new vulnerabilities in WordPress Core, WordPress Plugins and WordPress Themes. Full Article! Podaj dalej: Facebook Twitter LinkedIn więcej
Atarim is launching its 2nd annual Web Agency Summit in a couple of weeks. The free event will run from March 23 – 26. The goal of the event is to help agencies and freelancers in the WordPress space grow sustainable businesses. Full article! Podaj dalej: Facebook Twitter LinkedIn więcej
Full Article! Podaj dalej: Facebook Twitter LinkedIn więcej
On May 13, 2021 01:00 UTC, WordPress core released a security patch for a Critical Object Injection vulnerability in PHPMailer, the component that WordPress uses to send emails by default. If your site is set to allow auto updating of minor point releases, your site has probably already updated to WordPress 5.7.2. Full Article! Podaj…
On December 15, 2020, our Threat Intelligence team responsibly disclosed several vulnerabilities in Tutor LMS, a WordPress plugin installed on over 20,000 sites. The first five flaws made it possible for authenticated attackers to inject and execute arbitrary SQL statements on WordPress sites. This made it possible for attackers to obtain information stored in a…
The last time I wrote about Gutenberg, I told you I was confused. I don’t think I’m confused anymore, but I am clear that I don’t speak in any official capacity for WordPress, Automattic or anyone involved in the development of Gutenberg. Full Article! Podaj dalej: Facebook Twitter LinkedIn więcej