16 articles
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
A forensic breakdown of how an attacker turned CyberPanel's SnappyMail logging into a persistent webshell that survived every WordPress cleanup attempt. The ...
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
On May 8, 2026, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, discovered a critical Authentication Bypass vulnerability ...
On March 21st, 2026, we received a submission for an Arbitrary File Read and an SQL Injection vulnerability in Avada Builder, a WordPress plugin with an esti...
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
On April 18th, 2026, we received a submission for an Authenticated Arbitrary File Upload vulnerability in Slider Revolution, a WordPress plugin. Although the...
On April 22nd, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Breeze Cache, a WordPress plugin with an estimated 400,000 activ...
Last week, there were 157 vulnerabilities disclosed in 122 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence Intelligence Vulne...
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
On April 6th, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Ninja Forms – File Upload, a WordPress plugin with an estimated 5...
Last week, there were 153 vulnerabilities disclosed in 117 WordPress Plugins and 23 WordPress Themes that have been added to the Wordfence Intelligence Vulne...
On March 2nd, 2026, we received a submission through our Bug Bounty Program for a Remote Code Execution vulnerability in Kali Forms, a WordPress plugin with ...
At Wordfence, we run a bug bounty program that pays out mid-six figures per year to researchers in bug bounties for WordPress related vulnerabilities. Fundin...
Last week, there were disclosed in that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Se...
On January 8th, 2026, we received a submission for an Arbitrary File Upload vulnerability in Ninja Forms - File Upload, a WordPress plugin with an estimated ...