13 Jul

Protecting You Against Wordfence’s Bad Practices: XSS Vulnerability in All in One SEO Pack

Wordfence is putting WordPress website at risk by disclosing vulnerabilities in plugins with critical details needed to double check their work missing, in what appears to be an attempt to profit off of these vulnerabilities. We are releasing those details so that others can review the vulnerabilities to try to limit the damage Wordfence’s practice could cause.

[Read more]

12 Jul

Wordfence Spreading False Information on All in One SEO Pack Vulnerability

When it comes to improving WordPress security one of the things that we think is needed is better information, unfortunately we often see security companies being the ones pushing false information out there. We just ran across yet another example of this coming from the folks at Wordfence, which we though is important to point out, since they are trying to get people to share their “post with the larger WordPress community to create awareness of this security issue”, which we hope people don’t do since they are pushing out false information.

[Read more]