In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed Continue reading Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)
In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme and, plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed Continue reading Wordfence Intelligence CE Weekly Vulnerability Report (1-30-2023 to 2-5-2023)
In what appears to be a significant setback for Wordfence, but promoted as “a gift to the community”, they announced they are now giving away data on vulnerabilities in WordPress plugins they have been trying to sell access to since Continue reading Wordfence Intelligence Community Edition Data Falsely Claims That Unfixed Plugin Vulnerability Was Fixed Twice
Today we are incredibly excited to announce that Wordfence is launching an entirely free vulnerability database API and web interface, available for commercial use by hosting companies, security organizations, threat analysts, security researchers, and the WordPress user community. This is Continue reading Wordfence Launches Free Vulnerability Database For Commercial Use – And Launches Security Portal
During the weekend, third-party data we monitor recorded what appeared to be a hacker probing for usage of the WordPress plugin ContentStudio. The requests are looking for the plugin’s readme.txt file: /wp-content/plugins/contentstudio/readme.txt [Read more] ShareTweetSharePostSharePin It!
Two days ago, we detailed multiple issues with a recently launched service from the WordPress security provider Wordfence, Wordfence Intelligence. There was something we ran across while researching that, which we felt was worth separating out for its own post Continue reading Wordfence Is Failing to Provide Information That Would Help Protect Their Customers Unless Web Hosts Pay Them as Well
Yesterday, we detailed significant discrepancies between the way the WordPress security provider Wordfence marketed their Wordfence Intelligence service and the actual results they are delivering with that. Much of that affects those also relying on their Wordfence Security plugin as Continue reading Wordfence Intelligence Vulnerability Data Feed Keeps Looking Worse
Today, the Wordfence team is launching a Malware Hash Feed as part of our Wordfence Intelligence API. This gives our Enterprise users another way to rapidly and definitively identify malware targeting web applications. As the world’s foremost WordPress security provider, Continue reading Wordfence Intelligence Launches New Malware Hash Feed!
In August, the WordPress security provider Wordfence announced a new service named Wordfence Intelligence with a lot of lofty claims about the service and what they were already providing. What was lacking is evidence that it delivers on the promises Continue reading Wordfence Intelligence Doesn’t Deliver on Its Promises
On October 17, 2022, the Wordfence Threat Intelligence team began monitoring for activity targeting CVE-2022-42889, or “Text4Shell” on our network of 4 million websites. We started seeing activity targeting this vulnerability on October 18, 2022. Text4Shell is a vulnerability in Continue reading Threat Advisory: Monitoring CVE-2022-42889 “Text4Shell” Exploit Attempts