October 2019

Wordpress logo

The Wordfence Threat Intelligence team recently identified multiple critical vulnerabilities in the commercial Total Donations plugin for WordPress. These vulnerabilities, present in all known versions of the plugin up to and including 2.0.5, are being exploited by malicious actors to gain administrative access to affected WordPress sites.   It is our recommendation that site owners using Total Donations delete–not just deactivate–the vulnerable plugin as soon as possible to...

Read More