JavaScript is disabled in your browser. Please enable JavaScript for a better experience.
Pricing
Solutions
WordPress security
For care plans
API for developers
API for hosts
For plugin developers
For researchers
Vulnerability database
Community
Login
Start FREE
📣 Read our freshly released
State of WordPress Security In 2022
whitepaper
Latest
Security Advice
Security Advisories
Patchstack News
Patchstack How-To's
Featured
Author's position will be here
Featured
Latest
Security Advice
Security Advisories
Patchstack News
Patchstack How-To's
Search for:
15 September, 2023
Authenticated Privilege Escalation in Essential Addons for Elementor Plugin
privilege escalation
Essential Addons for Elementor
6 September, 2023
Unauthenticated PHP Object Injection in Flatsome Theme <= 3.17.5
php object injection
flatsome
31 August, 2023
Critical Arbitrary File Upload Patched in Forminator Plugin
forminator
arbitrary file upload
Critical Vulnerability
30 August, 2023
Pre-Auth Access Token Manipulation in All-in-One WP Migration Extensions
access token
all-in-one wp migration
24 August, 2023
Critical Vulnerabilities Patched in Jupiter X Core Plugin
arbitrary file upload
Critical Vulnerability
account takeover
Jupiter X
10 August, 2023
Multiple High and Critical Vulnerabilities in Avada Theme and Plugin
rce
ssrf
sqli
avada
xss
3 August, 2023
Authenticated RCE in JetElements For Elementor Plugin
rce
jetelements
Elementor
Critical Vulnerability
27 July, 2023
Multiple High Severity Vulnerabilities in Ninja Forms Plugin
ninja forms
broken access control
xss
18 July, 2023
Site Wide Reflected XSS in Freemius WordPress SDK Affecting Millions of Sites
freemius
supply chain attack
xss
31 May, 2023
How to Secure WordPress Login URL
WordPress security
18 May, 2023
How to Install SSL Certificate on WordPress
WordPress security
10 May, 2023
How To Backup A WordPress Website (3 Methods)
WordPress security
8 May, 2023
How To Find Out If My WordPress Site Has Vulnerable Plugins?
WordPress Security Vulnerabilities
8 May, 2023
Patchstack Weekly #68: Ending On a High Note
patchstack weekly
5 May, 2023
Introducing Patchstack Reports – Downloadable Website Security Reports
2 May, 2023
11 Essential WooCommerce Security Tips
WooCommerce Security
2 May, 2023
Introducing the New Patchstack Developer Plan
patchstack developer plan
24 April, 2023
What Is An Open-Source Fork And How To Secure it?
patchstack weekly
14 April, 2023
How I Started Selling WordPress Care Plans To My Clients?
sell WordPress care plans
13 April, 2023
How To Add Uptime Monitoring on WordPress Website?
uptime monitoring
11 April, 2023
Patchstack Weekly #66: How To Secure Your Code Against Insecure Inclusion Bugs
patchstack weekly
5 April, 2023
Patchstack Weekly #65: The One Serious Vulnerability Open-Source Doesn’t Have to Worry About
patchstack weekly
1 April, 2023
WordPress Source Code Exposed Online
WordPress Source Code
31 March, 2023
Announcing Patchstack Alliance Season 1 – New Bug Hunt Challenge and Rewards
Patchstack alliance
28 March, 2023
Patchstack Weekly #64: Understanding Security Bug Severity
patchstack weekly
22 March, 2023
Patchstack Weekly #63: How To Spot Potentially Abandoned Plugins in Your WordPress Site
abandoned plugins
17 March, 2023
The Complete Guide To WordPress Security
14 March, 2023
Patchstack Weekly #62: The Patchstack State of WordPress Security Report
patchstack weekly
28 February, 2023
Patchstack Weekly #61: Should you use WordPress As a Headless CMS?
20 February, 2023
Patchstack Weekly #60: Should You Convert WordPress To a Static Site?
patchstack weekly
13 February, 2023
Patchstack Weekly #59: Do You Need Virtual Patches?
patchstack weekly
6 February, 2023
Patchstack Weekly #58: Do You Need security.txt?
patchstack weekly
30 January, 2023
Patchstack Weekly #57: Expanding Your Idea of Security
patchstack weekly
25 January, 2023
WPMU DEV’s Defender Pro Now Powered by Patchstack’s Vulnerability Feed
Security Community
23 January, 2023
Patchstack Weekly #56: How Can Developers Prove Their Plugins Are Secure?
patchstack weekly
16 January, 2023
Patchstack Weekly #55: How To Choose a Secure Web Hosting Provider?
patchstack weekly
10 January, 2023
Patchstack Weekly #54: How To Make Sure Your Sites Are Running Safe WordPress Plugins
patchstack weekly
3 January, 2023
Patchstack Weekly #53: Security Best Practice – Rotate Your Passwords
patchstack weekly
21 December, 2022
Patchstack Weekly #52: Will AI Change Web Security?
patchstack weekly
13 December, 2022
Most Common WordPress Vulnerabilities & How to Fix Them
WordPress Security Vulnerabilities
12 December, 2022
Patchstack Weekly #51: How One Vulnerability Affects Many
patchstack weekly
5 December, 2022
Patchstack Weekly #50: When Hacks Come Back
patchstack weekly
21 November, 2022
Patchstack Weekly #49: Hunting Open-Source Security Bugs with SAST.
patchstack weekly
14 November, 2022
Patchstack Weekly #48: Dealing with End of Life and Unsupported Open Source Projects.
patchstack weekly
7 November, 2022
Patchstack Weekly #47: What Is Type Juggling in PHP?
patchstack weekly
24 October, 2022
Patchstack Weekly #45: What Is an Open Redirect Bug (and Why It’s Dangerous)?
patchstack weekly
21 October, 2022
Patchstack Alliance September Winners & Leaderboard
Patchstack alliance
17 October, 2022
WordPress 6.0.3 Security Release Summary
WordPress Security Vulnerabilities
17 October, 2022
Patchstack Weekly #44: Who You Gonna Call When Your Site Goes Down?
patchstack weekly
10 October, 2022
Patchstack Weekly #43: OWASP ZAP HUD, Breakpoints, and Lightbulbs.
patchstack weekly
5 October, 2022
Patchstack Helps One.com Fix 56,000 WordPress Vulnerabilities for Their Customers
3 October, 2022
Patchstack Weekly #42: What is the OWASP ZAP HUD?
patchstack weekly
26 September, 2022
Patchstack Weekly #41: Introduction to OWASP ZAP
patchstack weekly
owasp zap
19 September, 2022
Patchstack Weekly #40: The WordCamp US Roundup
patchstack weekly
WCUS
16 September, 2022
Patchstack Alliance August Winners & Leaderboard
Patchstack alliance
5 September, 2022
Patchstack Weekly #39: WordPress 6.0.2 Security Release Details
patchstack weekly
2 September, 2022
Patchstack Is Partnering With Hostinger to Make WordPress Safer
29 August, 2022
Patchstack Weekly #38: What is Your Time to Patch?
patchstack weekly
22 August, 2022
Patchstack Weekly #37: What Is a CVSS Score?
patchstack weekly
15 August, 2022
Patchstack Weekly #36: What Makes a Good Security Bug Patching Practice?
patchstack weekly
12 August, 2022
A “New” Bug – PHP Object Injection via Insecure Instantiation
WordPress Security Vulnerabilities
8 August, 2022
Patchstack Weekly #35: SVG XSS Reported in Gutenberg
WordPress Security Vulnerabilities
patchstack weekly
1 August, 2022
Patchstack Weekly #34: Why You Shouldn’t Use Nulled Plugins and Themes
patchstack weekly
25 July, 2022
Patchstack Weekly #33: What is Server Side Request Forgery (SSRF)?
WordPress Security Vulnerabilities
patchstack weekly
18 July, 2022
Patchstack Weekly #32: Are Millions of WordPress Sites Really Under Attack?
patchstack weekly
Website Hacking Statistics
11 July, 2022
Patchstack Weekly #31: Why You Should Remove Unused Plugins
patchstack weekly
8 July, 2022
Patchstack::helpers [1] – Oliver Sild on Mentorship and Community
patchstack helpers
4 July, 2022
What is CSV Injection?
patchstack weekly
20 June, 2022
Patchstack Weekly #28: How To Choose Secure Plugins?
patchstack weekly
17 June, 2022
Ninja Forms Plugin Object Injection Security Bug Gets Patched
ninja forms
13 June, 2022
Patchstack Weekly #27: How to Update wp_options Securely.
patchstack weekly
WordPress Security Vulnerabilities
wp options
wordpress plugins
wordpress development
13 June, 2022
WordPress Vulnerability News, May 2023
WordPress Vulnerability News
7 June, 2022
Patchstack Weekly, Week 23: What Makes A Good WordPress Community?
patchstack weekly
30 May, 2022
Patchstack Weekly, Week 22: How To Create An Incident Response Plan?
patchstack weekly
25 May, 2022
What’s New In WordPress 6.0?
WordPress 6.0
23 May, 2022
Patchstack Weekly, Week 21: Vulnerability News & Over-Communicating Security
patchstack weekly
16 May, 2022
Patchstack Weekly, Week 20: How To Communicate Security?
patchstack weekly
11 May, 2022
Winners Of WordPress Bug Hunt 2021
Patchstack alliance
9 May, 2022
Patchstack Weekly, Week 19: Secure AJAX Endpoints & WordPress Vulnerabilities
patchstack weekly
2 May, 2022
Patchstack Weekly, Week 18: PHP Object Injection aka Insecure Deserialize
patchstack weekly
29 April, 2022
Why Hosting Companies Should Send Out WordPress Security Alerts?
WordPress security notifications
25 April, 2022
Patchstack Weekly, Week 17: Egoless Programming And Security Bugs
patchstack weekly
18 April, 2022
Patchstack Weekly, Week 16: WordPress Vulnerabilities And Secure Code Review
13 April, 2022
Critical Vulnerability Fixed In Elementor Plugin Version 3.6.3
Elementor
4 April, 2022
Patchstack Weekly, Week 14: Five Steps To A Secure WordPress From Scratch
patchstack weekly
28 March, 2022
Patchstack Weekly, Week 13: A New Set Of WP-CLI Security Commands
patchstack weekly
15 March, 2022
Patchstack Red Team Is Now Patchstack Alliance
Patchstack alliance
14 March, 2022
Patchstack Weekly, Week 11: State of WordPress Security 2021
patchstack weekly
7 March, 2022
Patchstack Weekly, Week 10: Influx of New Vulnerabilities & Freemius Library
patchstack weekly
28 February, 2022
Patchstack Weekly, Week 9: Vulnerability News & Insecure Libraries
patchstack weekly
17 February, 2022
Patchstack Partners Up With Plesk
plesk partnership
27 January, 2022
Critical Vulnerability Fixed In Essential Addons for Elementor Plugin
Essential Addons for Elementor
11 January, 2022
Authenticated Vulnerability in Unpatched WordPress Themes
unpatched WordPress themes
11 January, 2022
Patchstack App Tutorial: Writing Custom Firewall Rules
Custom Firewall Rules
7 January, 2022
Technical Advisory: WordPress Core 5.8.3 Security Update
wordpress core
22 December, 2021
New Improved WordPress Login Page Protection
Login Page Protection
16 December, 2021
If You Approach WordPress Security Like This, It’s Easy
WordPress security
13 December, 2021
Extremely Critical Vulnerability In The Apache Log4j Logging Library
Apache Log4j
1 December, 2021
Why Protect Websites Before Winter Holidays?
protect websites
Load more
Subscribe
All solutions
WordPress security
Plugin auditing
Vulnerability database
API for developers
Bug bounty program
Active security programs
NEW
WordPress security
For care plans
For hosts
For plugin developers
NEW
Pricing & features
Documentation
Patchstack
About us
Careers
Media kit
Articles & insight
Whitepaper 2022
Social
LinkedIn
Facebook
Join community
Twitter
Join Discord
DPA
Privacy Policy
Terms & Conditions
© 2023
Patchstack
All solutions
WordPress security
Plugin auditing
Vulnerability database
API for developers
Bug bounty program
Active security programs
NEW
WordPress security
For care plans
For hosts
For plugin developers
NEW
Pricing & features
Documentation
Patchstack
About us
Careers
Media kit
Articles & insight
Whitepaper 2022
Social
LinkedIn
Facebook
Join community
Twitter
Join Discord
© 2023 Patchstack
This website uses cookies.
Learn more.
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.
Reload page
close
chevron-right
chevron-down
twitter-square
facebook-square
linkedin-square
bars
cross
menu
