On April 5, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of vulnerabilities in...
On April 18, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for an Object Injection vulnerability in the Booking Calendar plugin for WordPress,...
On March 29, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for a critical vulnerability in the Elementor plugin that allowed any authenticated user...
On March 10, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “SiteGround Security”, a WordPress plugin that...
Update – after this article was published, Denis Shagimuratov of CleanTalk reached out to us on Twitter. It appears that they didn’t receive our disclosure because...
The Wordfence team has identified a massive attack on Ukrainian universities that coincided with the invasion of Ukraine by Russia, and resulted in at least 30...
On November 11, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Photoswipe Masonry Gallery”, a WordPress plugin...
On February 15, 2022, the Wordfence Threat Intelligence team responsibly disclosed a reflected Cross-Site Scripting (XSS) vulnerability in Header Footer Code Manager, a WordPress plugin with...
On January 4, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Profile Builder – User Profile &...
On February 7, 2022, Security Researcher Cyku Hong from DEVCORE reported a vulnerability to us that they discovered in WP Statistics, a WordPress plugin installed on...