The latest WordPress security news and insights

Featured articles

10 January, 2025

Critical Vulnerability Patched in GiveWP Plugin

                Critical Vulnerability            

                php object injection            

                Zeroday bounties            

                zeroday            

                givewp

8 January, 2025

Critical Vulnerabilities Found in Fancy Product Designer Plugin

                Critical Vulnerability            

                arbitrary file upload            

                SQL Injection            

                ENVATO

23 December, 2024

Multiple Critical Vulnerabilities Patched in WPLMS and VibeBP Plugins

                theme            

                SQL Injection            

                ENVATO            

                Critical Vulnerability            

                privilege escalation            

                arbitrary file upload

5 December, 2024

Unauthenticated Privilege Escalation Vulnerability Patched in Sweet Date Theme

                Critical Vulnerability            

                privilege escalation            

                ENVATO            

1 December, 2024

The Last WordPress Security Checklist You’ll Ever Read

28 November, 2024

Authenticated RCE Patched in Rank Math SEO plugin

                Critical Vulnerability            

                ENVATO            

                File Read            

21 November, 2024

Unauthenticated Arbitrary File Read Vulnerability in Jobify Theme

                Critical Vulnerability            

                ENVATO            

                File Read            

20 November, 2024

The 5 Best WordPress Image Optimization Plugins (Tests Included)

20 November, 2024

Handling plugin security: Interview with LiteSpeed Cache’s Hai Zheng

                mvdp            

                Patchstack alliance            

                LiteSpeed Cache            

15 November, 2024

Protect Your Store: The Ultimate WooCommerce Security Checklist

woocommerce

14 November, 2024

Critical Account Takeover Patched in Really Simple Security Plugin

                Critical Vulnerability            

                account takeover            

                Really Simple Security            

13 November, 2024

Nearly 1000 Plugins Closed During WordPress Security Cleanup

                security            

                bug bounty            

30 October, 2024

WordPress Salts: What Are They, How They Work, and How to Use Them

                security auditing for WordPress            

                wordpress            

                wordpress salts            

                wpconfig

29 October, 2024

Rare Case of Privilege Escalation Patched in LiteSpeed Cache Plugin

                privilege escalation            

                LiteSpeed Cache            

                zeroday            

18 October, 2024

Security implications of WordPress repository access restrictions and plugin closures

« Previous 1 2 3 4 5 … 31 Next »

The latest WordPress security news and insights

Featured articles

Critical Vulnerability Patched in GiveWP Plugin

Critical Vulnerabilities Found in Fancy Product Designer Plugin

Multiple Critical Vulnerabilities Patched in WPLMS and VibeBP Plugins

Monthly security advice

Unauthenticated Privilege Escalation Vulnerability Patched in Sweet Date Theme

The Last WordPress Security Checklist You’ll Ever Read

Authenticated RCE Patched in Rank Math SEO plugin

Unauthenticated Arbitrary File Read Vulnerability in Jobify Theme

The 5 Best WordPress Image Optimization Plugins (Tests Included)

Handling plugin security: Interview with LiteSpeed Cache’s Hai Zheng

Protect Your Store: The Ultimate WooCommerce Security Checklist

Critical Account Takeover Patched in Really Simple Security Plugin

Nearly 1000 Plugins Closed During WordPress Security Cleanup

WordPress Salts: What Are They, How They Work, and How to Use Them

Rare Case of Privilege Escalation Patched in LiteSpeed Cache Plugin

Security implications of WordPress repository access restrictions and plugin closures

Website security

For plugin devs

For researchers

Resources

Patchstack

Socials

Website security

For plugin devs

For researchers

Resources

Patchstack

Socials