Critical 0-day in The Plus Addons for Elementor Allows Site Takeover
Today, March 8, 2021, the Wordfence Threat Intelligence team became aware of a critical 0-day in The Plus Addons for…
Critical Vulnerability Patched in WooCommerce Upload Files
On December 29, 2020, the Wordfence Threat Intelligence team was alerted to a potential 0-day vulnerability in the WooCommerce Upload…
Medium Severity Vulnerability Patched in User Profile Picture Plugin
On February 15, 2021, our Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in…
One Million Sites Affected: Four Severe Vulnerabilities Patched in Ninja Forms
On January 20, 2021, our Threat Intelligence team responsibly disclosed four vulnerabilities in Ninja Forms, a WordPress plugin used by…