
Wordfence: The World’s Leading Quality WordPress Vulnerability Intelligence Provider

TL;DR: Wordfence 2024 Report
– Released 2024 Annual WordPress Security Report confirming Wordfence's leadership in WordPress vulnerability intelligence via high-quality research and Bug Bounty Program.
– 8,233 vulnerabilities added in 2024 (41.7% of CVEs); 4,534 in 2025 (29%).
– Processed 65.8% of vulnerabilities in software with 50,000+ installs in 2024; 68.2% in 2025.
– 45.2% of high-threat vulnerabilities addressed in 2024; 66.7% for software with 50,000+ installs.
– Other providers focus on lower-impact vulnerabilities, creating noise and poor disclosure practices.
– Wordfence prioritizes impactful vulnerabilities, maintaining free detailed intelligence for community protection and security improvements.

https://www.wordfence.com/blog/2025/04/wordfence-the-worlds-leading-quality-wordpress-vulnerability-intelligence-provider/

Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin

Wordfence published its 2024 WordPress security report, revealing a malware variant disguised as a normal plugin (‘WP-antymalwary-bot.php’) that allows attackers to maintain site access, hide the plugin, and execute remote code. Detected on January 22, 2025, it was swiftly addressed with a malware signature and later a firewall rule for premium users. The malware can log administrators in, execute commands via the REST API, and reinfect sites using a modified wp-cron.php. Indicators of compromise include C&C server pings and modified theme files. This malware indicates a trend towards AI-generated threats.

https://www.wordfence.com/blog/2025/04/interesting-wordpress-malware-disguised-as-legitimate-anti-malware-plugin/

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 14, 2025 to April 20, 2025)

TLDR: Wordfence's 2024 WordPress security report highlights 252 vulnerabilities in plugins/themes; 137 were patched and 115 remain unpatched. Key vulnerabilities were assessed and firewall rules added for premium users. Free tools for vulnerability scanning and API access are available. Research contributors are listed.

https://www.wordfence.com/blog/2025/04/wordfence-intelligence-weekly-wordpress-vulnerability-report-april-14-2025-to-april-20-2025/

50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Greenshift WordPress Plugin

Wordfence released its 2024 WordPress security report. An Arbitrary File Upload vulnerability was found in the Greenshift plugin (versions 11.4-11.4.5), allowing authenticated users to upload malicious files and posing a remote code execution risk. Discovered by researcher mikemyers, it was quickly reported, prompting patches on April 15 and 17, 2025. Users should update to version 11.4.6. Wordfence protects all users against this exploit.

https://www.wordfence.com/blog/2025/04/50000-wordpress-sites-affected-by-arbitrary-file-upload-vulnerability-in-greenshift-wordpress-plugin/

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 7, 2025 to April 13, 2025)

Wordfence released its 2024 WordPress security report, highlighting 340 vulnerabilities from 303 plugins and 8 themes last week, contributed by 67 researchers. They emphasize the importance of reviewing these vulnerabilities for site protection and offer free tools like the Wordfence CLI Vulnerability Scanner and APIs for ongoing security monitoring. A total of 79 vulnerabilities were patched, while 261 remained unpatched. Most vulnerabilities were of medium (264) and high severity (49), with notable types being Cross-site Scripting (121) and CSRF (86). The report also recognizes contributors who aided WordPress security efforts.

https://www.wordfence.com/blog/2025/04/wordfence-intelligence-weekly-wordpress-vulnerability-report-april-7-2025-to-april-13-2025/

6,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin

Wordfence's Bug Bounty Program offers up to $31,200 per vulnerability. On March 28, 2025, a vulnerability in the “Drag and Drop Multiple File Upload for WooCommerce” plugin was reported, allowing unauthenticated users to move critical files. Researcher Phat RiO earned $315 for the find. Users should update to version 1.1.5 to protect against this critical flaw, which could lead to site takeover. The vulnerability was disclosed and patched promptly by the developer.

https://www.wordfence.com/blog/2025/04/6000-wordpress-sites-affected-by-arbitrary-file-move-vulnerability-in-drag-and-drop-multiple-file-upload-for-woocommerce-wordpress-plugin/

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 31, 2025 to April 6, 2025)

Wordfence released its 2024 WordPress security report, highlighting 527 vulnerabilities in WordPress plugins and themes added last week. 80 vulnerabilities were patched, while 447 remain unpatched. The report emphasizes the importance of utilizing Wordfence's free resources for vulnerability scanning and data access to enhance WordPress security. Additionally, the Wordfence Threat Intelligence Team deployed new firewall rules for various vulnerabilities, benefiting premium customers immediately, while free users wait 30 days. The report also acknowledges contributors to WordPress security efforts.

https://www.wordfence.com/blog/2025/04/wordfence-intelligence-weekly-wordpress-vulnerability-report-march-31-2025-to-april-6-2025/

100,000 WordPress Sites Affected by Administrative User Creation Vulnerability in SureTriggers WordPress Plugin

Wordfence's Bug Bounty Program rewards researchers for reporting vulnerabilities in WordPress plugins. A critical vulnerability in the SureTriggers plugin allows unauthenticated user creation, affecting over 100,000 sites. Discovered by researcher mikemyers, it was patched swiftly, and users are urged to update to version 1.0.79 to secure their sites. Wordfence provided firewall protection to premium users on April 1, 2025, with free users receiving it on May 1, 2025. This vulnerability poses significant risks, emphasizing the need for timely updates.

https://www.wordfence.com/blog/2025/04/100000-wordpress-sites-affected-by-administrative-user-creation-vulnerability-in-suretriggers-wordpress-plugin/

2024 Annual WordPress Security Report by Wordfence

2024 WordPress security saw major changes with the introduction of Bug Bounty Programs like Wordfence's, enabling researchers to monetize vulnerability assessments. Despite a 68% rise in disclosed vulnerabilities in 2024, most pose low risk to site owners. The report highlights predominant threats, including Cross-Site Scripting, and urges continued vigilance and layered security approaches. Over 54 billion attacks were blocked, showcasing the necessity of proactive security measures. Site owners are advised to follow best practices and remove outdated plugins to mitigate risks.

https://www.wordfence.com/blog/2025/04/2024-annual-wordpress-security-report-by-wordfence/

50,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Uncanny Automator WordPress Plugin

Wordfence's Bug Bounty Program rewards researchers for reporting vulnerabilities in WordPress plugins, with payouts up to $31,200. A recent submission revealed an Arbitrary File Upload vulnerability in Uncanny Automator, affecting over 50,000 sites. The vulnerability allows authenticated attackers to escalate user roles to administrators. The researcher who reported it earned $1,065. After full disclosure on March 11, the Uncanny Owl team promptly released patches. Users are urged to update to version 6.4.0 to mitigate risk, as the vulnerability poses a serious threat to site security.

https://www.wordfence.com/blog/2025/04/50000-wordpress-sites-affected-by-privilege-escalation-vulnerability-in-uncanny-automator-wordpress-plugin/
