Wordfence Premium – wp-expert

Wordfence Premium Adding Firewall Rules for Vulnerabilities in Under 10 Plugins a Month

Posted on 3 January 2024 by

It’s common for critics of the Wordfence Security plugin to claim it isn’t useful unless you are using the companion Wordfence Premium service because new rules for the firewall are only provided to paying customers for the first 30 days Continue reading Wordfence Premium Adding Firewall Rules for Vulnerabilities in Under 10 Plugins a Month→

Wordfence Premium Added “Real-Time Firewall Protection” for Plugin Vulnerability Over Two Months After It Was Disclosed

Posted on 5 December 2023 by

In the middle of August, we publicly warned that the WordPress plugin WooODT Lite contained an authenticated option update vulnerability, which would allow logged-in attackers to change arbitrary WordPress options (settings). The possibility of the vulnerability was flagged by proactive Continue reading Wordfence Premium Added “Real-Time Firewall Protection” for Plugin Vulnerability Over Two Months After It Was Disclosed→

Wordfence Doesn’t Admit That WordPress Had Already Provided Protection for “Massive Exploit Campaign” Before Them

Posted on 19 July 2023 by

Where WordPress firewall plugins are really useful is for providing protection before a vulnerability is known about, as at that point they can offer protection that other solutions can’t. That was on display with a recent widely exploited zero-day that Continue reading Wordfence Doesn’t Admit That WordPress Had Already Provided Protection for “Massive Exploit Campaign” Before Them→

NinjaFirewall and Plugin Vulnerabilities Firewall Are Only WordPress Security Plugins That Protected Against Recent Zero Day

Posted on 30 June 2023 by

Among the common, but inaccurate, security advice you will hear is that WordPress won’t get hacked if you take basic security measures, including keeping plugins up to date. While doing the basics is really important, the reality is that keeping Continue reading NinjaFirewall and Plugin Vulnerabilities Firewall Are Only WordPress Security Plugins That Protected Against Recent Zero Day→

Only 25% of WordPress Security Plugins Protected Against Widely Exploited Plugin Vulnerability

Posted on 13 March 2023 by

In late January, an unfixed vulnerability in a WordPress plugin with 40,000+ installs started to receive widespread exploitation attempts and many websites were hacked. The hacking was in part caused by multiple WordPress security providers, including Wordfence, WPScan, and Patchstack, Continue reading Only 25% of WordPress Security Plugins Protected Against Widely Exploited Plugin Vulnerability→

Here Are the 4 WordPress Security Plugins That Protected Against a Vulnerability Wordfence Failed to Protect Against Despite Having Discovered It

Posted on 6 March 2023 by

Last week, Wordfence disclosed the details of an authenticated persistent cross-site scripting (XSS) vulnerability they had found in a popular WordPress plugin with 3+ million installs (as well as something else that wasn’t really a vulnerability). There were some things Continue reading Here Are the 4 WordPress Security Plugins That Protected Against a Vulnerability Wordfence Failed to Protect Against Despite Having Discovered It→

WordPress Security Plugins Don’t Prevent Disclosure of One-Time Password Through Exploited Plugin Vulnerability

Posted on 8 February 2023 by

A month ago, we saw a hacker looking to exploit a vulnerability that had recently been fixed in the WordPress plugin User Verification. That vulnerability discovered by Lana Codes involved the plugin’s functionality to email a one-time password for logging Continue reading WordPress Security Plugins Don’t Prevent Disclosure of One-Time Password Through Exploited Plugin Vulnerability→

Wordfence Security and Wordfence Premium Fail to Provide Protection Against Privilege Escalation Vulnerability in Targeted Plugin

Posted on 2 January 2023 by

The Wordfence Security plugin is promoted with the claim that its firewall stops websites from getting hacked: Powered by the constantly updated Threat Defense Feed, Wordfence Firewall stops you from getting hacked. [Read more] ShareTweetSharePostSharePin It!

Even Wordfence Competitor Has Been Fooled by Untruthful Marketing of Wordfence Premium

Posted on 8 December 2022 by

We recently tried to add a WordPress firewall plugin named BitFire in to our automated testing system of WordPress security plugins, but found that the plugin wasn’t working properly and then an update totally broke it. We also noticed that Continue reading Even Wordfence Competitor Has Been Fooled by Untruthful Marketing of Wordfence Premium→

How to Avoid Wordfence Premium Price Increase While Getting Better Real-Time Protection for Free

Posted on 2 November 2022 by

Last week, the WordPress security provider Wordfence announced a significant price increase for their Wordfence Premium service. What they didn’t provide was any explanation of what was causing their cost for the service to increase, which they needed to pass Continue reading How to Avoid Wordfence Premium Price Increase While Getting Better Real-Time Protection for Free→

Wordfence Security and Wordfence Premium Fail to Provide Protection Against Vulnerability in Targeted Plugin

Posted on 23 May 2022 by

Wordfence Security and Wordfence Premium Fail to Provide Protection Against Backdoored WordPress Plugin

Posted on 8 April 2022 by

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31