Skip to main content
JavaScript is disabled in your browser. Please enable JavaScript for a better experience.
Pricing
Case studies
Login
Start trial
🚀 Black Friday Deal! 50% off Developer Plan for 6 months
The latest WordPress security news and insights
Latest
WordPress Security 101
Plugin Recommendations
Security Advisories
Patchstack News
Case Studies
Bug Bounty
Search for:
Featured articles
20 February, 2025
Critical Privilege Escalation Patched in KLEO Theme's Plugin
ENVATO
Critical Vulnerability
privilege escalation
5 February, 2025
Rare Case of Privilege Escalation in ASE Plugin Affecting 100k+ Sites
Critical Vulnerability
privilege escalation
29 January, 2025
Privilege Escalation Vulnerability Patched in Better Find and Replace Plugin
privilege escalation
zeroday
better find and replace
Monthly security advice
Get the latest WordPress security intelligence delivered to your inbox.
NEW
: Get started with 5 bite-sized security lessons.
Email Signup
Email
Subscribe
23 December, 2024
Multiple Critical Vulnerabilities Patched in WPLMS and VibeBP Plugins
ENVATO
Critical Vulnerability
privilege escalation
arbitrary file upload
theme
SQL Injection
22 December, 2024
How to Configure the X-Frame-Options Header in WordPress
content-security-policy
x-frame-options
security headers
22 December, 2024
How To Protect WordPress Against Cross-Site Scripting Attacks (XSS)
xss vulnerabilities
wordpress xss
Cross-Site Scripting
21 December, 2024
Understanding Cookie Stealing Attacks: How They Work and Their Impact on WordPress Users
20 December, 2024
NEW: Announcing Patchstack API for Endless Automations
17 December, 2024
What to do if your WooCommerce site gets hacked: A 10-step recovery process
woocommerce
17 December, 2024
Virtual Patches vs. Hackers: Q4 2024’s Most Exploited WordPress Threats
WordPress security
vpatch
virtual patches
12 December, 2024
Multiple Critical Vulnerabilities Patched in Woffice Theme
Critical Vulnerability
privilege escalation
account takeover
theme
ENVATO
5 December, 2024
Unauthenticated Privilege Escalation Vulnerability Patched in Sweet Date Theme
Critical Vulnerability
privilege escalation
ENVATO
1 December, 2024
The Last WordPress Security Checklist You'll Ever Read
28 November, 2024
Authenticated RCE Patched in Rank Math SEO plugin
Critical Vulnerability
ENVATO
File Read
21 November, 2024
Unauthenticated Arbitrary File Read Vulnerability in Jobify Theme
Critical Vulnerability
ENVATO
File Read
« Previous
1
…
6
7
8
9
10
…
36
Next »
Load more
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
Compliance (CRA)
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
© 2026
Patchstack
DPA
Privacy Policy
Terms & Conditions
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
Compliance (CRA)
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.
Reload page
close
chevron-right
chevron-down
bars
cross
menu
