Skip to main content
JavaScript is disabled in your browser. Please enable JavaScript for a better experience.
Pricing
Solutions
WordPress security
For hosts
Managed VDP
Bug bounty
Plugin auditing
Vulnerability database
Resources
Case studies
Security advisories
WordPress security 101
2025 security whitepaper
Login
Start trial
🚀 Black Friday Deal! 50% off Developer Plan for 6 months
The latest WordPress security news and insights
Latest
WordPress Security 101
Plugin Recommendations
Security Advisories
Patchstack News
Case Studies
Bug Bounty
Search for:
Featured articles
14 May, 2024
Critical Vulnerabilities Found in XStore Theme and Plugin
SQL Injection
arbitrary option update
XStore
Critical Vulnerability
account takeover
php object injection
7 May, 2024
High Priority Vulnerabilities Patched in Uncode Core Plugin
privilege escalation
Uncode
arbitrary file deletion
plugin
3 April, 2024
Critical Vulnerabilities Patched in REHub Theme and Plugin
Critical Vulnerability
SQL Injection
REHub
Local File Inclusion
Monthly security advice
Get the latest WordPress security intelligence delivered to your inbox.
NEW
: Get started with 5 bite-sized security lessons.
Email Signup
Email
Subscribe
3 August, 2023
Authenticated RCE in JetElements For Elementor Plugin
Elementor
rce
jetelements
Critical Vulnerability
27 July, 2023
Multiple High Severity Vulnerabilities in Ninja Forms Plugin
ninja forms
xss
broken access control
18 July, 2023
Site-Wide Reflected XSS in Freemius WordPress SDK Affecting Millions of Sites
freemius
supply chain attack
xss
14 July, 2023
Critical Privilege Escalation in HT Mega Plugin Affecting 100k+ Sites
Critical Vulnerability
privilege escalation
13 June, 2023
Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin
Security Advisory
31 May, 2023
How to Secure WordPress Login URL
WordPress security
30 May, 2023
Unauthenticated PHP Object Injection in Gravity Forms Plugin
Security Advisory
29 May, 2023
How To Prevent Image Hotlinking in WordPress
WordPress security
19 May, 2023
CSRF to wp-admin Site Wide XSS in UpdraftPlus Plugin
Security Advisory
18 May, 2023
How to Install SSL Certificate on WordPress
WordPress security
17 May, 2023
WordPress Core 6.2.1 Security Update - Technical Advisory
Security Advisory
11 May, 2023
Critical Privilege Escalation in Essential Addons for Elementor
Security Advisory
« Previous
1
…
12
13
14
15
16
…
33
Next »
Load more
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
© 2025
Patchstack
DPA
Privacy Policy
Terms & Conditions
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
© 2025
Patchstack
DPA
Privacy Policy
Terms & Conditions
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.
Reload page
close
chevron-right
chevron-down
bars
cross
menu
