Skip to main content
JavaScript is disabled in your browser. Please enable JavaScript for a better experience.
Pricing
Solutions
WordPress security
For hosts
Managed VDP
Bug bounty
Plugin auditing
Vulnerability database
Resources
Case studies
Security advisories
WordPress security 101
2025 security whitepaper
CRA compliance guide
Login
Start trial
🚀 Black Friday Deal! 50% off Developer Plan for 6 months
The latest WordPress security news and insights
Latest
WordPress Security 101
Plugin Recommendations
Security Advisories
Patchstack News
Case Studies
Bug Bounty
Search for:
Featured articles
9 January, 2024
AI Engine Plugin Affected by Critical Vulnerability
AI Engine
Critical Vulnerability
arbitrary file upload
20 December, 2023
Critical SQL Injection Found in Porto Theme's Plugin
Critical Vulnerability
SQL Injection
Porto
Premium Theme
12 December, 2023
Multiple Vulnerabilities Patched in Themify Ultra Theme
settings change
privilege escalation
arbitrary file upload
php object injection
theme
themify
Monthly security advice
Get the latest WordPress security intelligence delivered to your inbox.
NEW
: Get started with 5 bite-sized security lessons.
Email Signup
Email
Subscribe
12 December, 2022
Patching an Arbitrary User Creation Security Bug in "thecartpress" Plugin
last patch
12 December, 2022
Patchstack Weekly #51: How One Vulnerability Affects Many
patchstack weekly
7 December, 2022
Patching a Broken Access Control Bug in the "account-manager-woocommerce" Plugin
last patch
5 December, 2022
December WordPress Bug-Hunting Challenge
5 December, 2022
Patchstack Weekly #50: When Hacks Come Back
patchstack weekly
29 November, 2022
Patching an Arbitrary Plugin Disablement Bug in the "webmaster-tools-verification" Plugin
last patch
21 November, 2022
Patchstack Weekly #49: Hunting Open-Source Security Bugs with SAST.
patchstack weekly
15 November, 2022
Patching Remote Code Execution in the 'member-hero' Plugin
last patch
14 November, 2022
Patchstack Weekly #48: Dealing with End of Life and Unsupported Open Source Projects.
patchstack weekly
8 November, 2022
Patching an Arbitrary File Download Vulnerability in wsm-downloader
last patch
7 November, 2022
Patchstack Weekly #47: What Is Type Juggling in PHP?
patchstack weekly
31 October, 2022
Patchstack Weekly #46: How To Protect WordPress Against Cross-Site Scripting Attacks (XSS)
patchstack weekly
« Previous
1
…
19
20
21
22
23
…
35
Next »
Load more
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
Compliance (CRA)
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
© 2025
Patchstack
DPA
Privacy Policy
Terms & Conditions
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
Compliance (CRA)
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.
Reload page
close
chevron-right
chevron-down
bars
cross
menu
