Wordfence

SQL Injection Vulnerability in Ally WordPress Plugin Puts 200K+ Sites at Risk

3 minute read

Security

SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites

SQL injection flaw in Ally WordPress plugin exposes 200,000+ sites to data theft. Patch released, but most installations remain unpatched and vulnerable.

byWaqas

March 13, 2026

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

2 minute read

Security

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins,…

byWaqas

October 28, 2025

Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

3 minute read

Security

Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

An Authentication Bypass (CVE-2025-5947) in Service Finder Bookings plugin allows any unauthenticated attacker to log in as an administrator. Over 13,800 exploit attempts detected. Update to v6.1 immediately.

byDeeba Ahmed

October 10, 2025

2 minute read

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection.

byDeeba Ahmed

June 25, 2025

2 minute read

Sneaky WordPress Malware Disguised as Anti-Malware Plugin

WordPress sites are under threat from a deceptive anti-malware plugin. Learn how this malware grants backdoor access, hides…

byDeeba Ahmed

April 30, 2025

The Latest

Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach

Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance

New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs

CISO Whisperer Names 11 Vendors Leading the Shift from Tools to Outcomes at RSA Conference 2026

Wordfence

SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Sneaky WordPress Malware Disguised as Anti-Malware Plugin

SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft

Orchid Security Recognized by Gartner® as a Representative Vendor of Guardian Agents

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

Kevuru Games Outlines the Shift Toward Flexible Art Production in the Games Industry

AI-HealthTech Innovator Humata Health Partners with AccuKnox for Zero Trust CNAPP