Secure Hosting WP Blog
Security Updates are Brought to You from Wordfence and Sucuri. Two trusted security plugins for WordPress users.
Server Side Data Exfiltration via Telegram API
One of the themes commonly highlighted on this blog includes the many creative methods and techniques attackers employ to steal data from compromised websites. Credit card skimmers, credential and password hijackers, SQL injections, and even malware on the server...
Cross-Site Scripting Vulnerabilities in Elementor Impact Over 7 Million Sites
On February 23, 2021, the Wordfence Threat Intelligence team responsibly disclosed a set of stored Cross-Site Scripting vulnerabilities in Elementor, a WordPress plugin which “is now actively installed and used on more than 7M websites” according to a recent...
Several Vulnerabilities Patched in Tutor LMS Plugin
On December 15, 2020, our Threat Intelligence team responsibly disclosed several vulnerabilities in Tutor LMS, a WordPress plugin installed on over 20,000 sites. The first five flaws made it possible for authenticated attackers to inject and execute arbitrary SQL...
Episode 108: Hack Exposes 150,000 Security Cameras at Tesla, Cloudflare and Others
A data breach exposes 150,000 security cameras used by organizations around the world, including Tesla and Cloudflare. State-sponsored hacking groups exploit Microsoft Exchange vulnerabilities. A fire in a French data center belonging to hosting company OVH affects...
Magento 2 PHP Credit Card Skimmer Saves to JPG
Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2 website revealed a malicious injection that was capturing POST request data from...
Critical 0-day in The Plus Addons for Elementor Allows Site Takeover
Today, March 8, 2021, the Wordfence Threat Intelligence team became aware of a critical 0-day in The Plus Addons for Elementor, a premium plugin that we estimate has over 30,000 installations. This vulnerability was reported this morning to WPScan by Seravo, a hosting...
Episode 107: Two Plugin Vulnerabilities Target File Upload Capabilities
The Wordfence Threat intelligence team finds vulnerabilities in two plugins, the User Profile Picture plugin and the WooCommerce Upload Files plugin. WordPress 5.7 is set to release on Tuesday, March 9 with numerous enhancements for the block editor, a new robots.txt...
Critical Vulnerability Patched in WooCommerce Upload Files
On December 29, 2020, the Wordfence Threat Intelligence team was alerted to a potential 0-day vulnerability in the WooCommerce Upload Files plugin, an add-on for WooCommerce with over 5,000 installations. Please note that this is a separate plugin from the main...
Trojan Spyware and BEC Attacks
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human victim to authorize a fraudulent transaction to bypass existing security controls...
Medium Severity Vulnerability Patched in User Profile Picture Plugin
On February 15, 2021, our Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in User Profile Picture, a WordPress plugin installed on over 60,000 sites. The vulnerability made it possible for authenticated...
Episode 106: Admin Password Resets, Blockchain Botnets and a Central Management RCE
WordPress 5.7 is due to be released on March 9, and it will allow administrators to send password reset emails to users. A botnet is abusing the Bitcoin blockchain for command and control, while VMWare fixes a critical remote code execution bug in all default vCenter...
SQL Triggers in Website Backdoors
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the infected database whenever the trigger condition is met. What...
Episode 105: The Hottest Trend in WordPress
An analysis of WordPress-related search trends found that interest in WooCommerce related results dominated during 2020. We discuss recent vulnerabilities discovered by our threat intelligence team in Ninja Forms, affecting over 1 million sites. WordPress issues a...
One Million Sites Affected: Four Severe Vulnerabilities Patched in Ninja Forms
On January 20, 2021, our Threat Intelligence team responsibly disclosed four vulnerabilities in Ninja Forms, a WordPress plugin used by over one million sites. One of these flaws made it possible for attackers to redirect site administrators to arbitrary locations....
UCEPROTECT: When RBLs Go Bad
Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these services to verify whether servers and IP addresses are sending spam or other abusive...
Episode 104: Cryptography Demystified
This week, the Wordfence team discusses cryptography in depth, including the basics, a brief history, hashing, and the Crypto Wars. We also go over current news, including 2 new findings by the Wordfence Threat Intelligence team, a new milestone for WordPress, and a...
Multiple Vulnerabilities Patched in Responsive Menu Plugin
On December 17, 2020, our Threat Intelligence team responsibly disclosed three vulnerabilities in Responsive Menu, a WordPress plugin installed on over 100,000 sites. The first flaw made it possible for authenticated attackers with low-level permissions to upload...
Optimizing Performance and Behavior with WordPress and the Sucuri WAF
Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing even better than dedicated CDNs based on recent tests. CDNs can significantly help speed up...
Severe Vulnerabilities Patched in NextGen Gallery Affect over 800,000 WordPress Sites
On December 14, 2020, the Wordfence Threat Intelligence team finished researching two Cross-Site Request Forgery (CSRF) vulnerabilities in NextGen Gallery, a WordPress plugin with over 800,000 installations, including a critical severity vulnerability that could lead...
Episode 103: Wordfence Innovates with Machine Learning and Security for Schools
Wordfence opens the K-12 site audit and site cleaning service for publicly funded state schools worldwide. Machine learning is now a big part of our malware identification process, which will speed new malware signatures to deployment for WordPress sites protected by...
WordPress News
WordPress 5.5 Release Candidate
The first release candidate for WordPress 5.5 is now available! This is an important milestone in the community’s progress toward the final release of WordPress 5.5. “Release Candidate” means that the new version is ready for release, but with...
WordPress 5.5 Beta 4
WordPress 5.5 Beta 4 is now available! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.5 Beta 4 in two ways: Try the...
WordPress 5.5 Beta 3
WordPress 5.5 Beta 3 is now available! This software is still in development,so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.5 Beta 3 in two ways: Try the...
WordPress 5.5 Beta 2
WordPress 5.5 Beta 2 is now available! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.5 beta 2 in two ways: Try...
WordPress 5.5 Beta 1
WordPress 5.5 Beta 1 is now available for testing! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test the WordPress 5.5 beta in...