Critical Vulnerability Exposes over 700,000 Sites Using Divi, Extra, and Divi Builder
On July 23, 2020, Wordfence Threat Intelligence team discovered a vulnerability present in two themes by Elegant Themes, Divi and Extra, as well as Divi Builder,
The Ultimate WordPress Security Guide
Critical Arbitrary File Upload Vulnerability Patched in wpDiscuz Plugin
On June 19th, Wordfence Threat Intelligence team discovered a vulnerability present in Comments – wpDiscuz, a WordPress plugin installed on over 80,000 sites. This flaw
High Severity Vulnerability Patched in TC Custom JavaScript
Wordfence Threat Intelligence discovered an unauthenticated stored Cross-Site Scripting(XSS) vulnerability in TC Custom JavaScript, a WordPress plugin with over 10,000 installations. Wordfence Premium customers received
WordPress 5.4.2 Patches Multiple XSS Vulnerabilities
WordPress Core version 5.4.2 has just been released. Since this release is marked as a combined security and bug fix update, we recommend updating as
Large Scale Attack Campaign Targets Database Credentials
Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files.
How to Update WordPress
Updating WordPress WARNING: The upgrade process will affect all files and folders included in the main WordPress installation. This includes all the core files used to