📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards for all in-scope submissions from our ‘High Threat’ list in software with fewer than 5…
Tag: Blog – Wordfence
A Deep Dive into a Modular Malware Family
The Wordfence Threat Intelligence Team recently identified an interesting malware family on May 16, 2025 during a site clean. This malware family shared a codebase but varied in features across different versions, including credit card skimming and WordPress credential theft.…
A Deep Dive into a Modular Malware Family
The Wordfence Threat Intelligence Team recently identified an interesting malware family on May 16, 2025 during a site clean. This malware family shared a codebase but varied in features across different versions, including credit card skimming and WordPress credential theft.…
Attackers Actively Exploiting Critical Vulnerability in Motors Theme
On May 2nd, 2025, we received a submission for a Privilege Escalation vulnerability in Motors, a WordPress theme with more than 22,000 sales. This vulnerability makes it possible for an unauthenticated attacker to change the password of any user, including…
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 9, 2025 to June 15, 2025)
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards for all in-scope submissions from our ‘High Threat’ list in software with fewer than 5…
100,000 WordPress Sites Affected by Privilege Escalation via MCP in AI Engine WordPress Plugin
On May 21st, 2025, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Insufficient Authorization to Privilege Escalation via MCP (Model Context Protocol) vulnerability in the AI Engine plugin, which is actively installed on more…
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 2, 2025 to June 8, 2025)
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards for all in-scope submissions from our ‘High Threat’ list in software with fewer than 5…
33,000 WordPress Sites Affected by Privilege Escalation Vulnerability in RealHomes WordPress Theme
On May 4th, 2025, we received a submission for a Privilege Escalation vulnerability in RealHomes, a WordPress theme with more than 33,000 sales. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to grant themselves administrative…
33,000 WordPress Sites Affected by Privilege Escalation Vulnerability in RealHomes WordPress Theme
On May 4th, 2025, we received a submission for a Privilege Escalation vulnerability in RealHomes, a WordPress theme with more than 33,000 sales. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to grant themselves administrative…
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 26, 2025 to June 1, 2025)
📢 In case you missed it, Wordfence just published its annual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. …