🎉 NEW: Reduce alert fatigue with the new Patch Priority scoring system

The latest WordPress security news and insights

Featured articles

8 November, 2023

Patchstack Is Introducing Patchstack Priority

                Patchstack news            

                WordPress security            

Arbitrary Attachment Render to XSS in Elementor Plugin - vulnerability - patchstack blog

8 November, 2023

Arbitrary Attachment Render to XSS in Elementor Plugin

                Elementor            

                xss            

Cloudways vulnerability scanner now powered by Patchstack's vulnerability database

26 October, 2023

Patchstack Partners With Cloudways

                Patchstack news            

                WordPress security            

Patchstack - premium wordpress theme security risks - case study

6 October, 2023

Case Study: When Your Premium WordPress Theme Is More Than You Bargained For

                WordPress security            

                case study            

patchstack - how to limit login attempts on wordpress - 5 methods

28 September, 2023

How To Limit Login Attempts on WordPress (+ Should You?)

WordPress security

Two Path to Privilege Escalation Bugs Found In the Simple Membership Plugin

27 September, 2023

Two Paths to Privilege Escalation Vulnerability In The Simple Membership Plugin

                privilege escalation            

                simple membership            

Authenticated Privilege Escalation in Essential Addons for Elementor Plugin

15 September, 2023

Authenticated Privilege Escalation Vulnerability in Essential Addons for Elementor

                Essential Addons for Elementor            

                privilege escalation            

WordPress.org is an open source cms, but WordPress.com is a paid hosting platform

14 September, 2023

Patchstack Is FREE On the Official WordPress Repository

6 September, 2023

Unauthenticated PHP Object Injection in Flatsome Theme <= 3.17.5

                php object injection            

                flatsome            

31 August, 2023

Critical Arbitrary File Upload Patched in Forminator Plugin

                Critical Vulnerability            

                arbitrary file upload            

                forminator            

30 August, 2023

Pre-Auth Access Token Manipulation in All-in-One WP Migration Extensions

                access token            

                all-in-one wp migration            

Patchstack - wordpress zombie plugin pandemic affecting 1.6 million websites

25 August, 2023

The WordPress “Zombie” Plugins Pandemic Affects 1.6M+ Websites

jupiter x core vulnerability patched - patchstack social - rafie mohammad

24 August, 2023

Critical Vulnerabilities Patched in Jupiter X Core Plugin

                Critical Vulnerability            

                arbitrary file upload            

                account takeover            

                Jupiter X

10 August, 2023

Multiple High and Critical Vulnerabilities in Avada Theme and Plugin

3 August, 2023

Authenticated RCE in JetElements For Elementor Plugin

                Critical Vulnerability            

                Elementor            

                rce            

                jetelements