5 Tips for Boosting the Mobile Performance of Your WordPress Site

It’s estimated that soon over 70 percent of users will be accessing the internet from their smartphones rather than desktops. This means that having a mobile-friendly website is a must. However, boosting the mobile performance of your WordPress site can seem like a daunting task. Luckily, optimizing your website for mobile devices is easy when

2020-10-04T13:29:24+01:00September 29th, 2020|Using Wordpress|

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these vulnerabilities the same day. During our investigation, we also discovered a separate set of

2020-10-04T12:53:18+01:00September 25th, 2020|Security|

Critical Vulnerabilities Patched in XCloner Backup and Restore Plugin

On August 14, our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites. This flaw gave authenticated attackers, with subscriber-level or above capabilities, the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution on

2020-10-04T12:52:17+01:00September 19th, 2020|Security|

The Hacker Motive: What Attackers Are Doing with Your Hacked Site

Yesterday, September 15, 2020, the Wordfence Live team covered The Hacker Motive: What Attackers Are Doing with Your Hacked Site. This companion blog post reviews the motives we discussed live during Wordfence Live and dives deeper into the minds of attackers. You can watch the video of Wordfence Live below. Timestamps You can click on

2020-10-04T12:50:36+01:00September 16th, 2020|Security|

The Month in WordPress: August 2020

August was special for WordPress lovers, as one of the most anticipated releases, WordPress 5.5, was launched. The month also saw several updates from various contributor teams, including the soft-launch of the Learn WordPress project and updates to Gutenberg. Read on to find out about the latest updates from the WordPress world. WordPress 5.5 Launch

2020-10-04T13:54:13+01:00September 4th, 2020|Wordpress World|

Millions of Sites Targeted in File Manager Vulnerability Attacks

The Wordfence Threat Intelligence team is seeing a dramatic increase in attacks targeting the recent 0-day in the WordPress File Manager plugin. This plugin is installed on over 700,000 WordPress websites, and we estimate that 37.4% or 261,800 websites are still running vulnerable versions of this plugin at the time of this publication. Attacks are

2020-10-04T13:02:33+01:00September 4th, 2020|Security|