🚀 Black Friday Deal! 50% off Developer Plan for 6 months

The latest WordPress security news and insights

Featured articles

Critical SQL Injection Found in Porto Theme's Plugin

20 December, 2023

Critical SQL Injection Found in Porto Theme's Plugin

                Critical Vulnerability            

                SQL Injection            

                Porto            

                Premium Theme

Multiple Vulnerabilities Patched in Themify Ultra Theme

12 December, 2023

Multiple Vulnerabilities Patched in Themify Ultra Theme

                theme            

                themify            

                settings change            

                privilege escalation            

                arbitrary file upload            

                php object injection

Critical Vulnerability in Elementor Affecting 5+ Million Websites

8 December, 2023

Critical Vulnerability in Elementor Affecting 5+ Million Websites

                Critical Vulnerability            

                Elementor            

                arbitrary file upload            

Patchstack weekly 51 - vulnerability supply chain problems

12 December, 2022

Patchstack Weekly #51: How One Vulnerability Affects Many

patchstack weekly

7 December, 2022

Patching a Broken Access Control Bug in the "account-manager-woocommerce" Plugin

last patch

5 December, 2022

December WordPress Bug-Hunting Challenge

patchstack weekly - when hacks come back

5 December, 2022

Patchstack Weekly #50: When Hacks Come Back

patchstack weekly

29 November, 2022

Patching an Arbitrary Plugin Disablement Bug in the "webmaster-tools-verification" Plugin

last patch

21 November, 2022

Patchstack Weekly #49: Hunting Open-Source Security Bugs with SAST.

patchstack weekly

15 November, 2022

Patching Remote Code Execution in the 'member-hero' Plugin

last patch

14 November, 2022

Patchstack Weekly #48: Dealing with End of Life and Unsupported Open Source Projects.

patchstack weekly

8 November, 2022

Patching an Arbitrary File Download Vulnerability in wsm-downloader

last patch

7 November, 2022

Patchstack Weekly #47: What Is Type Juggling in PHP?

patchstack weekly

31 October, 2022

Patchstack Weekly #46: How To Protect WordPress Against Cross-Site Scripting Attacks (XSS)

patchstack weekly

24 October, 2022

Patchstack Weekly #45: What Is an Open Redirect Bug (and Why It's Dangerous)?

patchstack weekly

« Previous 1 … 19 20 21 22 23 … 35 Next »

Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.

Reload page

The latest WordPress security news and insights

Featured articles

Critical SQL Injection Found in Porto Theme's Plugin

Multiple Vulnerabilities Patched in Themify Ultra Theme

Critical Vulnerability in Elementor Affecting 5+ Million Websites

Monthly security advice

Patchstack Weekly #51: How One Vulnerability Affects Many

Patching a Broken Access Control Bug in the "account-manager-woocommerce" Plugin

December WordPress Bug-Hunting Challenge

Patchstack Weekly #50: When Hacks Come Back

Patching an Arbitrary Plugin Disablement Bug in the "webmaster-tools-verification" Plugin

Patchstack Weekly #49: Hunting Open-Source Security Bugs with SAST.

Patching Remote Code Execution in the 'member-hero' Plugin

Patchstack Weekly #48: Dealing with End of Life and Unsupported Open Source Projects.

Patching an Arbitrary File Download Vulnerability in wsm-downloader

Patchstack Weekly #47: What Is Type Juggling in PHP?

Patchstack Weekly #46: How To Protect WordPress Against Cross-Site Scripting Attacks (XSS)

Patchstack Weekly #45: What Is an Open Redirect Bug (and Why It's Dangerous)?

Website security

For plugin devs

For researchers

Resources

Patchstack

Socials

Website security

For plugin devs

For researchers

Resources

Patchstack

Socials