Attackers Actively Exploiting Critical Vulnerability in Kali Forms Plugin
Critical RCE vulnerability in Kali Forms plugin actively exploited since March 20, 2026. Over 312,200 attacks blocked by Wordfence. Update to version 2.4.10 immediately.
Category
Security
AI Now Powers 66% of WordPress Vulnerability Research: Impacts & Insights
AI-assisted vulnerability research now drives 66% of WordPress submissions, transforming security workflows while raising stakes for defenders.
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)
Wordfence's latest report reveals 54 vulnerabilities across 49 WordPress plugins, with 52 patched. XSS leads vulnerabilities, highlighting security risks.
50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Ninja Forms Plugin
A critical vulnerability in Ninja Forms – File Upload plugin exposes 50,000 WordPress sites to remote code execution attacks. Update to version 3.3.27 immediately.
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)
Wordfence Intelligence reports 106 vulnerabilities in WordPress plugins and themes last week, with high-threat bug bounty rewards available until April 6.
200,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in MW WP Form Plugin
A vulnerability in MW WP Form plugin affects 200,000 WordPress sites, risking file moves like wp-config.php. Update to version 5.1.1 immediately.
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 16, 2026 to March 22, 2026)
Wordfence Intelligence disclosed 258 vulnerabilities in WordPress plugins and themes last week, with 138 patched and 120 unpatched. Critical bugs highlight ongoing risks.
Wordfence Intelligence: 116 WordPress Vulnerabilities Disclosed Last Week
116 WordPress vulnerabilities were disclosed last week, including 6 critical ones. Wordfence highlights risks and urges operators to act now.
WordPress Vulnerabilities Surge in March 2026 Report
WordPress security faces a surge with 201 new vulnerabilities reported last week, highlighting the need for urgent updates and vigilance.
400,000 Sites Threatened: SQL Injection in Ally Plugin
A critical SQL Injection vulnerability in the Ally plugin puts 400,000 WordPress sites at risk. Swift patching is essential to protect sensitive data.
