Wordfence released its 2024 WordPress security report, highlighting 340 vulnerabilities from 303 plugins and 8 themes last week, contributed by 67 researchers. They emphasize the importance of reviewing these vulnerabilities for site protection and offer free tools like the Wordfence CLI Vulnerability Scanner and APIs for ongoing security monitoring. A total of 79 vulnerabilities were patched, while 261 remained unpatched. Most vulnerabilities were of medium (264) and high severity (49), with notable types being Cross-site Scripting (121) and CSRF (86). The report also recognizes contributors who aided WordPress security efforts.
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 7, 2025 to April 13, 2025)
