WordPress is a versatile and widely used content management system, and as a result, has become a prime target for spam comments. In this blog post, we’ll dive into how to stop WordPress spam comments. In recent times, the threat has intensified, posing significant challenges to website owners and administrators. With almost half of all […]
Did you leave your WordPress account logged in on a shared computer? Are you worried that someone is using your account without your permission? Worry no more! Forcing user logout in WordPress is a feature that will help put your mind at rest. In this post, we will briefly introduce the concept of WordPress sessions […]
WordPress 6.4.3 was released on January 30th, 2024, which includes two low-severity security fixes. This security fix addresses two potential security issues. The first one is an Administrator+ arbitrary PHP file upload on the plugin and theme upload functionality. The second issue is a potential security issue that can only be exploited if another vulnerability […]
Many businesses rely on WooCommerce for their e-commerce store, but have you considered whether is WooCommerce safe to use? E-commerce sales hit $6.3 trillion in 2023, and 20% of all retail sales were made online. If you run an e-commerce business then ensuring your website’s security is of the highest standard is paramount. Many businesses […]
This blog post is about an AI Engine plugin vulnerability. If you’re an AI Engine user, please update the plugin to at least version 1.9.99. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the AI Engine Plugin The plugin AI Engine (free version), which has over 50,000 active installations, is […]
Did you know that attackers can use several techniques to gain full access to your WordPress site if you use the default login URL? In this article, we will learn how to change the default WordPress Login URL to a custom secure URL. At Patchstack, we’ve seen a 150% growth in vulnerabilities reported in 2021 […]
Patchstack has been pioneering the WordPress bug bounty hunting scene for many years now. 6 years ago, we came up with an idea on how to make open-source bug bounty hunting cover even the smallest projects (regardless of whether they make money or not). This project was later renamed to Patchstack Red Team and then […]
This blog post is about the Porto Theme’s plugin vulnerability. If you’re a Porto Theme user, please update the plugin to at least version 2.12.1. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Porto Theme’s Plugin The plugin Porto Theme – Functionality (premium version) is a required plugin for […]
This blog post explains how to backup WooCommerce store since having a good WooCommerce backup solution in place could potentially save your entire business one day. With 1 in 25 WordPress sites being hacked in 2023, how long do you feel you’re happy to wait until it’s your site? Your WooCommerce store may be vulnerable […]
“WordPress is insecure because it is open source.” This common misconception assumes open-source software is more vulnerable simply because anyone can see the code and find flaws. However, this is not the case. Open-source software can be more secure because it has a large and active community of developers and users who can review, test, […]