Protect your websites with the best WordPress security available.
Wordfence includes an endpoint firewall and malware scanner that were built from the ground up to protect WordPress. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Rounded out by a suite of additional features, Wordfence is the most comprehensive security option available.
fix bug
= 7.5.8 - February 1, 2022 =
* Launch of Wordfence Care and Wordfence Response
* Improvement: Updated GeoIP database
* Improvement: Removed blocking data update logic in order to reduce timeouts
* Improvement: Increased timeout value for API calls in order to reduce timeouts
* Improvement: Clarified notification count on Wordfence menu
* Improvement: Improved scan compatibility with WooCommerce
* Improvement: Added messaging when application passwords are disabled
* Fix: Prevented warnings and errors when constants are defined based on the value of other constants in...
* Improvement: Improved scan support for sites with non-standard directory structures
* Improvement: Increased accuracy of executable PHP upload detection
* Improvement: Addressed various deprecation notices with PHP 8.1
* Improvement: Improved handling of invalidated license keys
* Fix: Corrected lost password redirect URL when used with WooCommerce
* Fix: Prevented errors when live traffic data exceeds database column length
* Fix: Prevented bulk password resets from locking out admins
*...
Download Wordfence v7.5.11 - WordPress Security Plugin Nulled Free
= v7.5.11 - June 14, 2022 =
* Improvement: Added option to toggle display of last login column on WP Users page
* Improvement: Improved autocomplete support for 2FA code on Apple devices
* Improvement: Prevented Batcache from caching block pages
* Improvement: Updated GeoIP database
* Fix: Prevented extraneous scan results when non-existent paths are configured using UPLOADS and related constants
* Fix: Corrected issue...
Download Wordfence v7.6.0 - WordPress Security Plugin Nulled Free
= v7.6.0 - July 28, 2022 =
* Improvement: Added option to start scans using only IPv4
* Improvement: Added diagnostic for internal IPv6 connectivity to site
* Improvement: Added AUTOMATIC_UPDATER_DISABLED diagnostic
* Improvement: Updated password strength check
* Improvement: Added support for scanning plugin/theme files in when using the WP_CONTENT_DIR/WP_PLUGIN_DIR constants
* Improvement: Updated GeoIP database
*...
= 7.6.1 - September 6, 2022 =
* Fix: Prevented XSS that would have required admin privileges to exploit (CVE-2022-3144)
* Improvement: Hardened 2FA login flow to reduce exposure in cases where an attacker is able to obtain privileged information from the database
- Improvement: Added configurable scan resume functionality to prevent scan failures on sites with intermittent connectivity issues
- Improvement: Added new scan result for vulnerabilities found in plugins that do not have patched versions available via WordPress.org
- Improvement: Implemented stand-alone MMDB reader for IP address lookups to prevent plugin conflicts and support additional PHP versions
- Improvement: Added option to disable looking up IP address locations via the...
- Fix: Prevented scan resume attempts from repeating indefinitely when the initial scan stage fails
- Improvement: The vulnerability severity score (CVSS) is now shown with any vulnerability findings from the scanner
- Improvement: Changed several links during initial setup to open in a new window/tab so it doesn’t interrupt installation
- Change: Removed the non-https callback test to the Wordfence servers
- Fix: Fixed an error on PHP 8 that could occur when checking for plugin updates and another plugin has a broken hook
- Fix: Added a check for disabled functions when...
- Improvement: Added exception handling to prevent WAF errors from being fatal
- Fix: Corrected error caused by method call on null in WAF
- Change: Deprecated support for PHP 5.5 and 5.6, ended support for PHP 5.3 and 5.4
- Change: Specified WAF version parameter when requesting firewall rules
- Improvement: Added translation support for strings from login security plugin
- Improvement: Added translator notes regarding word order and hidden text
- Improvement: Added translation support for additional strings
- Improvement: Prevented scans from failing if unreadable directories are encountered
- Improvement: Added help link to IPv4 scan option
- Improvement: Updated scan result text to clarify meaning of plugins removed from wordpress.org
- Improvement: Made...
* Improvement: Added support for processing arrays of files in the WAF
* Improvement: Refactored security event processing to send events in bulk
* Improvement: Updated bundled sodium_compat and random_compat libraries
* Fix: Prevented deprecation warning caused by dynamic property creation
* Fix: Added translation support for additional strings
* Change: Adjusted Wordfence registration UI
Fix: Prevented bundled sodium_compat library from conflicting with versions included with older WordPress versions
* Improvement: Updated GeoIP database
* Fix: Added missing text domain to translation function call
* Fix: Corrected inconsistent styling of switch controls
* Change: Made MySQLi storage engine the default for Flywheel hosted sites
no changelog for this version
* Improvement: Updated the bundled GeoIP database
* Improvement: Added detection for Cloudflare reverse proxies blocking callbacks to the site
* Change: Files are no longer excluded from future scans if a previous scan stopped during their processing
* Fix: Added handling for the pending WordPress 6.4 change that removes $wpdb->use_mysqli
* Fix: The WAF MySQLi storage engine will now work correctly when either DB_COLLATE or DB_CHARSET are not defined
* Fix: Added additional error handling to...