Wordfence Intelligence Weekly WordPress Vulnerability Report (April 6, 2026 to April 12, 2026)
154 vulnerabilities were disclosed last week across 118 plugins and 23 themes. Wordfence tools help users monitor and patch risks effectively.
Report Tag: wordpress updates
Attackers Actively Exploiting Critical Vulnerability in Kali Forms Plugin
Critical RCE vulnerability in Kali Forms plugin actively exploited since March 20, 2026. Over 312,200 attacks blocked by Wordfence. Update to version 2.4.10 immediately.
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)
Wordfence's latest report reveals 54 vulnerabilities across 49 WordPress plugins, with 52 patched. XSS leads vulnerabilities, highlighting security risks.
50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Ninja Forms Plugin
A critical vulnerability in Ninja Forms – File Upload plugin exposes 50,000 WordPress sites to remote code execution attacks. Update to version 3.3.27 immediately.
200,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in MW WP Form Plugin
A vulnerability in MW WP Form plugin affects 200,000 WordPress sites, risking file moves like wp-config.php. Update to version 5.1.1 immediately.
WordPress Industry Updates: Plugin Surge, New Browser Tool, and 7.0 Release Delay
WordPress 7.0's release has been delayed, plugin submissions are at record highs, and My.WordPress.net redefines browser-based WordPress usage.
Themes Team Update: March 25, 2026 Highlights New Activity and Key Stats
The WordPress Themes Team processed over 1,200 tickets last week, with 1,173 themes made live. Block theme adoption and plugin activity highlight ongoing ecosystem growth.
Rethinking WordPress Left Navigation: Major Overhaul Proposed
WordPress Core proposes a major overhaul of the admin left navigation menu, aiming to improve usability and organization for site operators and developers.
WordPress Plugins Team Faces Mounting Approval Queue Challenges
The WordPress Plugins Team reports 4704 plugins in the queue, with almost 4000 pending for over a week, indicating growing delays.
Why Managed WordPress Hosting Is Essential for Site Operators
Managed WordPress hosting automates site management, enhancing performance and security. Discover the key benefits and what to consider when choosing a provider.
