WordPress 5.7.2 Security Release: What You Need to Know
On May 13, 2021 01:00 UTC, WordPress core released a security patch for a Critical Object Injection vulnerability in PHPMailer, the component that WordPress uses to send emails by default.…
SQL Injection Vulnerability Patched in CleanTalk AntiSpam Plugin
On March 4, 2021, the Wordfence Threat Intelligence team initiated responsible disclosure for a Time-Based Blind SQL Injection vulnerability discovered in Spam protection, AntiSpam, FireWall by CleanTalk, a WordPress plugin…
Severe Unpatched Vulnerabilities Leads to Closure of Store Locator Plus Plugin
On March 5, 2021, the Wordfence Threat Intelligence team wrapped up an investigation that led to the discovery of a privilege escalation vulnerability along with several additional vulnerabilities in Store…
PSA: Remove Kaswara Modern WPBakery Page Builder Addons Plugin Immediately
Today, April 21, 2021, the Wordfence Threat Intelligence team became aware of a critical 0-day vulnerability that is being actively exploited in Kaswara Modern WPBakery Page Builder Addons, a premium…