Are you looking to switch to the latest Google Analytics version? Google is now recommending website owners to move to the new Google Analytics 4 because they will be sunsetting the previous Universal Analytics on July 1, 2023. After the sunset day, you won’t be able to track data in the older version. In this [...]
On May 30, 2022, Security Researcher Rafie Muhammad reported a reflected Cross-Site Scripting (XSS) vulnerability to us that they discovered in Download Manager, a WordPress plugin installed on over 100,000 sites. On request, we assigned a vulnerability identifier of CVE-2022-1985. All Wordfence users, including Free, Premium, Care, and Response, are protected from exploits targeting this [...]
Do you want to preview your WordPress website before going live? Previewing your website before publishing it allows you to catch any errors, design issues, missing items, and spelling or grammar mistakes. In this article, we’ll show you how to preview your website before going live and without hurting the user experience. Here is a [...]
On March 29, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for a critical vulnerability in the Elementor plugin that allowed any authenticated user to upload arbitrary PHP code. Elementor is one of the most popular WordPress plugins and is installed on over 5 million websites. We sent our disclosure to the official [...]
Today, March 15, 2022, The Wordfence Incident Response team alerted our Threat Intelligence team to an increase in infected websites hosted on GoDaddy’s Managed WordPress service, which includes MediaTemple, tsoHost, 123Reg, Domain Factory, Heart Internet, and Host Europe Managed WordPress sites. These affected sites have a nearly identical backdoor prepended to the wp-config.php file. Of [...]
Do you need to regenerate or flush your WordPress permalinks? If you are not able to view your website content, then neither can your visitors. Broken links and 404 errors can damage the user experience, and your position in SEO rankings. In this article, we will show you how to fix these dead URLs by [...]
Do you need to add nofollow links in your WordPress navigation menus? Many website owners prefer to add a nofollow tag to external links, but beginners may find this tricky when adding a custom link to a menu. In this article, we’ll show you how to add nofollow links in WordPress navigation menus. Why Add [...]
On November 11, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Photoswipe Masonry Gallery”, a WordPress plugin that is installed on over 10,000 sites. This flaw makes it possible for an authenticated attacker to inject malicious JavaScript that executes whenever a site administrator accesses the PhotoSwipe [...]
WordPress 5.9.1 is now available! This maintenance release features 82 bug fixes in both Core and the block editor. WordPress 5.9.1 is a short-cycle maintenance release. The next major release will be version 6.0. You can download WordPress 5.9.1 from WordPress.org, or visit your Dashboard → Updates and click “Update Now”. If you have sites that support automatic [...]
On January 4, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Profile Builder – User Profile & User Registration Forms”, a WordPress plugin that is installed on over 50,000 WordPress websites. This vulnerability makes it possible for an unauthenticated attacker to craft a request that contains [...]
