🚀 Black Friday Deal! 50% off Developer Plan for 6 months

The latest WordPress security news and insights

Featured articles

Two Path to Privilege Escalation Bugs Found In the Simple Membership Plugin

27 September, 2023

Two Paths to Privilege Escalation Vulnerability In The Simple Membership Plugin

                privilege escalation            

                simple membership            

Authenticated Privilege Escalation in Essential Addons for Elementor Plugin

15 September, 2023

Authenticated Privilege Escalation Vulnerability in Essential Addons for Elementor

                Essential Addons for Elementor            

                privilege escalation            

Unauthenticated PHP Object Injection in Flatsome Theme

6 September, 2023

Unauthenticated PHP Object Injection in Flatsome Theme <= 3.17.5

                php object injection            

                flatsome            

19 September, 2022

Patchstack Weekly #40: The WordCamp US Roundup

                patchstack weekly            

                WCUS            

16 September, 2022

Patchstack Weekly #35: SVG XSS Reported in Gutenberg

                WordPress Security Vulnerabilities            

                patchstack weekly            

Why you shouldn't use nulled wordpress plugins and themes

1 August, 2022

Patchstack Weekly #34: Why You Shouldn't Use Nulled Plugins and Themes

patchstack weekly

25 July, 2022

Patchstack Weekly #33: What is Server Side Request Forgery (SSRF)?

                WordPress Security Vulnerabilities            

                patchstack weekly            

« Previous 1 … 21 22 23 24 25 … 35 Next »

Website security

Pricing For WordPress For WooCommerce For agencies API for hosts Documentation Log in

For plugin devs

Managed VDP

Log in

Active programs Security auditing

Compliance (CRA)

For researchers

Bug bounty

Log in

Guidelines Leaderboard

Learn

Discord

Resources

Vulnerability database Whitepaper 2025

Vulnerability statistics

Case studies

Articles

Patchstack

About Careers Merch store Media kit

Socials

LinkedIn Facebook X

DPA Privacy Policy Terms & Conditions

Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.

Reload page

The latest WordPress security news and insights

Featured articles

Two Paths to Privilege Escalation Vulnerability In The Simple Membership Plugin

Authenticated Privilege Escalation Vulnerability in Essential Addons for Elementor

Unauthenticated PHP Object Injection in Flatsome Theme <= 3.17.5

Monthly security advice

Patchstack Weekly #40: The WordCamp US Roundup

Patchstack Alliance August Winners & Leaderboard

Patchstack Weekly #39: WordPress 6.0.2 Security Release Details

Patchstack Is Partnering With Hostinger to Make WordPress Safer

Patchstack Weekly #38: What is Your Time to Patch?

Patchstack Weekly #37: What Is a CVSS Score?

Patchstack Alliance July Winners & Leaderboard

Patchstack Weekly #36: What Makes a Good Security Bug Patching Practice?

A "New" Bug - PHP Object Injection via Insecure Instantiation

Patchstack Weekly #35: SVG XSS Reported in Gutenberg

Patchstack Weekly #34: Why You Shouldn't Use Nulled Plugins and Themes

Patchstack Weekly #33: What is Server Side Request Forgery (SSRF)?

Website security

For plugin devs

For researchers

Resources

Patchstack

Socials

Website security

For plugin devs

For researchers

Resources

Patchstack

Socials