Skip to main content
JavaScript is disabled in your browser. Please enable JavaScript for a better experience.
Pricing
Solutions
WordPress security
For hosts
Managed VDP
Bug bounty
Plugin auditing
Vulnerability database
Resources
Case studies
Security advisories
WordPress security 101
2025 security whitepaper
CRA compliance guide
Login
Start trial
🚀 Black Friday Deal! 50% off Developer Plan for 6 months
The latest WordPress security news and insights
Latest
WordPress Security 101
Plugin Recommendations
Security Advisories
Patchstack News
Case Studies
Bug Bounty
Search for:
Featured articles
29 October, 2024
Rare Case of Privilege Escalation Patched in LiteSpeed Cache Plugin
LiteSpeed Cache
zeroday
privilege escalation
18 October, 2024
Security implications of WordPress repository access restrictions and plugin closures
17 October, 2024
Critical Vulnerabilities in Ultimate Membership Pro Plugin
privilege escalation
php object injection
Monthly security advice
Get the latest WordPress security intelligence delivered to your inbox.
NEW
: Get started with 5 bite-sized security lessons.
Email Signup
Email
Subscribe
19 June, 2024
Patchstack's Weekly WordPress Vulnerability Overview - June 11 to 18, 2024
6 June, 2024
Multiple Vulnerabilities in WooCommerce Amazon Affiliates Plugin
privilege escalation
SQL Injection
arbitrary option update
WZone
ENVATO
5 June, 2024
Patchstack's Weekly WordPress Vulnerability Overview - May 29 to June 04 2024
4 June, 2024
Make Things New Case Study: Enabling Peace of Mind with Patchstack
case study
3 June, 2024
Property Portal Marketing Case Study: Staying Safe and Preventing Post-Update Bugs with Patchstack
case study
3 June, 2024
EfficientWP Case Study: Spending Less Time on WordPress Update Management with Patchstack
case study
3 June, 2024
ellegaard ID Case Study: From Cleaning Up Hacked Sites to Security by Default
case study
28 May, 2024
Unauthenticated XSS Vulnerability Patched in Slider Revolution Plugin
xss
Slider Revolution
Audit
22 May, 2024
Critical Vulnerability Patched in UserPro Plugin
Critical Vulnerability
privilege escalation
account takeover
UserPro
21 May, 2024
Interview with Mat Rollings AKA stealthcopter
researcher
security
17 May, 2024
Exploring the Unknown: Beneath the Surface of Unpatched WordPress SSRF
ssrf
WordPress core
14 May, 2024
Critical Vulnerabilities Found in XStore Theme and Plugin
Critical Vulnerability
account takeover
php object injection
SQL Injection
arbitrary option update
XStore
« Previous
1
…
7
8
9
10
11
…
33
Next »
Load more
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
Compliance (CRA)
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
© 2025
Patchstack
DPA
Privacy Policy
Terms & Conditions
Website security
Pricing
For WordPress
For WooCommerce
For agencies
API for hosts
Documentation
Log in
For plugin devs
Managed VDP
Log in
Active programs
Security auditing
Compliance (CRA)
For researchers
Bug bounty
Log in
Guidelines
Leaderboard
Learn
Discord
Resources
Vulnerability database
Whitepaper 2025
Vulnerability statistics
Case studies
Articles
Patchstack
About
Careers
Merch store
Media kit
Socials
LinkedIn
Facebook
X
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.
Reload page
close
chevron-right
chevron-down
bars
cross
menu
