Episode 98: How Application Passwords Work in WordPress 5.6




Think Like a Hacker with Wordfence show

Summary: WordPress 5.6 was released this week with a new feature: application passwords. In this episode we talk about how application passwords work, where to find them in WordPress, and why Wordfence decided to turn them off by default in version 7.4.14. We also talk about a new Magecart attack that places card skimmers in CSS files. MailPoet is joining WooCommerce. FireEye reported they were hacked by a nation state APT group, and a wormable zero-click vulnerability was found in Microsoft Teams.