Wordfence's Avatar

Wordfence

@wordfenceofficial

Wordfence is the most popular WordPress security plugin, protecting over 5 million websites worldwide. Visit https://wordfence.com #WordPress #WordPressSecurtiy #Cybersecurity

5
Followers 0
Following 86
Posts 27.10.2025
Joined
Posts Following

Latest posts by Wordfence @wordfenceofficial

Critical auth bypass in Tutor LMS Pro affects 30,000 WordPress sites. Admin accounts at risk if an attacker knows the target email. Patch: version 3.9.6. https://www.wordfence.com/blog/2026/03/30000-wordpress-sites-affected-by-authentication-bypass-vulnerability-in-tutor-lms-pro-wordpress-plugin

Critical auth bypass in Tutor LMS Pro affects 30,000 WordPress sites. Admin accounts at risk if an attacker knows the target email. Patch: version 3.9.6. https://www.wordfence.com/blog/2026/03/30000-wordpress-sites-affected-by-authentication-bypass-vulnerability-in-tutor-lms-pro-wordpress-plugin

Critical auth bypass in Tutor LMS Pro affects 30,000 WordPress sites. Admin accounts at risk if an attacker knows the target email. Patch: version 3.9.6.

youtube.com/shorts/LkUCH...

09.03.2026 22:55 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Wordfence Intelligence Weekly Vulnerability Report | February 23, 2026 to March 1, 2026

204 WordPress vulnerabilities disclosed. 162 unpatched. Tutor LMS 3.9.6: unauthenticated SQL injection highlighted.

See the full report for more details:

www.wordfence.com/blog/2026/03...

06.03.2026 23:04 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Enumeration - What It Is and How It Works In WordPress Security
Enumeration - What It Is and How It Works In WordPress Security YouTube video by Wordfence

Attackers enumerate your WordPress usernames, plugins, themes, and API routes before exploiting anything.

Limiting info exposure is a core security practice. #WordPress #Wordfence

youtube.com/shorts/FVhl_...

05.03.2026 00:46 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
WordPress Enumeration Explained: Usernames, Plugins, Themes, and API Routes
WordPress Enumeration Explained: Usernames, Plugins, Themes, and API Routes YouTube video by Wordfence

WordPress Enumeration Explained:

Enumeration maps WordPress usernames, plugins, themes, and API routes before any exploit fires.

The data itself isn't a vulnerability -- but it enables targeted, automated attacks. #WordPress #WordPressSecurity

youtu.be/76mkX65hH3Y

04.03.2026 00:16 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Bug Bounty Program Monthly Report – January 2026 897 submissions. 151 active researchers. $21,517 in bounties awarded. 152 in-scope vulnerabilities validated in January 2026. https://www.wordfence.com/blog/2026/02/wordfence-bug-bounty-program-monthly-report-january-2026/

Wordfence Bug Bounty Program Monthly Report – January 2026 897 submissions. 151 active researchers. $21,517 in bounties awarded. 152 in-scope vulnerabilities validated in January 2026. https://www.wordfence.com/blog/2026/02/wordfence-bug-bounty-program-monthly-report-january-2026/

Wordfence Bug Bounty Program Monthly Report – January 2026

897 submissions. 151 active researchers. $21,517 in bounties awarded. 152 in-scope vulnerabilities validated in January 2026.

www.wordfence.com/blog/2026/02...

20.02.2026 23:43 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 9, 2026 to February 15, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 9, 2026 to February 15, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report

174 vulnerabilities disclosed in 139 WordPress Plugins and 28 WordPress Themes.

www.wordfence.com/blog/2026/02...

19.02.2026 20:09 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 2, 2026 to February 8, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 2, 2026 to February 8, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report
(February 2–February 8, 2026)

Last week, 121 new vulnerabilities were disclosed:

β€’ 100 WordPress plugins
β€’ 10 WordPress themes
β€’ 52 security researchers

Review to see if your site is affected:

www.wordfence.com/blog/2026/02...

12.02.2026 21:17 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

www.wordfence.com/blog/2026/02...

10.02.2026 19:25 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin

800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin

A critical vulnerability (CVE-2026-1357, CVSS 9.8) in WPvivid Backup allows unauthenticated arbitrary file uploads, potentially leading to site takeover. Over 800,000 sites affected.

Update to version 0.9.124 ASAP

10.02.2026 19:24 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Thank you Steve, and we'll take your feedback (to see rejected reports) into consideration.

10.02.2026 19:20 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026)

120 vulnerabilities across 117 plugins/themes

Full report: www.wordfence.com/blog/2026/02...

05.02.2026 20:39 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
The Wordfence Threat Intelligence team has just released the Quarterly WordPress Threat Intelligence Report for Q4 2025

The Wordfence Threat Intelligence team has just released the Quarterly WordPress Threat Intelligence Report for Q4 2025

NEW: Q4 2025 WordPress Threat Intelligence Report

β€’ 9.1B WAF attacks blocked
β€’ 13.8B brute force attacks stopped
β€’ 2,213 new vulnerabilities discovered

www.wordfence.com/blog/2026/02...

03.02.2026 18:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)

Last week, there wereΒ 215 vulnerabilities disclosed in 180 WordPress Plugins and 17 WordPress ThemesΒ that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.

Read the full post on our blog for more details.

29.01.2026 20:47 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Bug Bounty Program Monthly Report | December 2025
Wordfence Bug Bounty Program Monthly Report | December 2025 YouTube video by Wordfence

Wordfence Bug Bounty Program Monthly Report | December 2025

youtube.com/shorts/4C0BA...

28.01.2026 23:05 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
How To Create Strong Passwords
How To Create Strong Passwords YouTube video by Wordfence

How To Create Strong Passwords (60 Second Guide)

www.youtube.com/shorts/dkQVV...

27.01.2026 21:26 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

20,000 WordPress Sites Affected by Backdoor Vulnerability in LA-Studio Element Kit for Elementor (Originally posted on the Wordfence blog on January 21, 2026)

Read more: www.wordfence.com/blog/2026/01...

26.01.2026 22:30 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
How To Create Strong Passwords
How To Create Strong Passwords YouTube video by Wordfence

How To Create Strong Passwords (A 60 Second Guide)

www.youtube.com/watch?v=7vlF...

23.01.2026 21:36 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Bug Bounty Program Monthly Report – December 2025

Wordfence Bug Bounty Program Monthly Report – December 2025

Wordfence Bug Bounty Program Monthly Report – December 2025

www.wordfence.com/blog/2026/01...

23.01.2026 20:48 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 12, 2026 to January 18, 2026) Highlights

22.01.2026 21:24 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 12, 2026 to January 18, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 12, 2026 to January 18, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 12, 2026 to January 18, 2026)

www.wordfence.com/blog/2026/01...

22.01.2026 20:07 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

100K WordPress Sites Affected by Privilege Escalation Vuln in Advanced Custom Fields: Extended (Published January 19, 2026)

Full Article: www.wordfence.com/blog/2026/01...

22.01.2026 00:03 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Learn How Credential Stuffing Attacks Work (Explained In Less Than 60 Seconds) with Wordfence threat researcher Alex Thomas

20.01.2026 20:02 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Do you know how credential stuffing attacks work?

Learn all about it in less than 60 seconds πŸ‘€

20.01.2026 00:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Advanced Custom Fields: Extended WordPress Plugin

100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Advanced Custom Fields: Extended WordPress Plugin

100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Advanced Custom Fields: Extended WordPress Plugin

We urge users to update their sites with the latest patched version of Advanced Custom Fields: Extended, (0.9.2.2) as soon as possible.

www.wordfence.com/blog/2026/01...

20.01.2026 00:01 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

264 New Vulnerabilities Disclosed in This Week's Wordfence Intelligence Vulnerability Report | January 5, 2026 to January 11, 2026

Read The Full Report: www.wordfence.com/blog/2026/01...

15.01.2026 23:56 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 5, 2026 to January 11, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 5, 2026 to January 11, 2026)

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 5, 2026 to January 11, 2026)

www.wordfence.com/blog/2026/01...

15.01.2026 19:43 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

How Brute Force Attacks Work:

Here's a very quick and simple explanation of the Brute Force attack - one of the most common against WordPress websites.

The Wordfence firewall blocked over 19.2 billion brute force attacks against over 5 million sites we protect JUST in Q3 of last year

14.01.2026 19:11 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Learn more about how Wordfence protects against brute force attacks on WordPress websites:

www.wordfence.com/help/firewal...

13.01.2026 21:26 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Wordfence blocked 19.2 billion brute force attacks, JUST in Q3 of last year (up +98.9% from the previous quarter.)

While brute force attacks are simple, they can still be very effective. Get a quick education on this common attack in 60 seconds (actually...~38 seconds) in this video.

13.01.2026 21:25 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Video thumbnail

Wordfence Intelligence Weekly Vulnerability Report | December 15, 2025 to January 4, 2026

09.01.2026 22:50 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0