This is a practical article that helps you to redirect WordPress from HTTP to HTTPs. HTTP and HTTPS are two protocols that are used to transfer data between a web browser and a web server. The main difference between HTTP and HTTPS is that HTTPS uses encryption to secure the data that is sent and […]
This blog post is about a premium Thrive Theme vulnerability. If you’re a premium Thrive Theme user, please update the plugin to at least version 3.24.0. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Thrive Theme The theme Thrive (premium version), which is estimated to have over 110,000 active […]
Today, we’re excited to announce the next generation of Patchstack firewall engine. The new engine is engineered to provide the most efficient application layer protection possible, with even greater vulnerability coverage and industry-leading performance. Over 50% of all known WordPress-related (core, plugins, themes, etc.) security vulnerabilities in 2023 have been originally reported by Patchstack Alliance […]
This blog post is about the WooCommerce and Jetpack plugin vulnerability. If you’re a WooCommerce and Jetpack user, please update the plugin to at least version 8.2.0 and 12.8-a.3 respectively. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the WooCommerce and Jetpack plugin The plugin WooCommerce (versions <= 8.1.1, free […]
Brute force attack is arguably one of the most common and potentially dangerous threats to WordPress websites. A brute force attack involves hackers trying to guess your WordPress login credentials by repeatedly submitting different combinations of usernames and passwords. If they s쳮d, they can take over your entire website and cause serious damage. In this […]
Remaining committed to protecting the security and privacy of your visitors (and users) is as important as it always has been in our eyes. Studies back in 2003 (yes, that’s around 20 years ago) found that there was an attack every 39 seconds on average. And some statistics now suggest up to 30,000 websites are […]
Over the past 6 months, we’ve been building, testing and fine-tuning a new vulnerability scoring system called Patchstack Priority to provide a more accurate representation of the seriousness of security vulnerabilities. The goal? Help WordPress developers reduce alert fatigue and know what to patch first. We have carefully assigned the Patchstack Priority scores to all […]
This blog post is about an Elementor plugin vulnerability. If you’re an Elementor user, please update the plugin to at least version 3.16.5. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Elementor Plugin The plugin Elementor (versions <= 3.16.4, free version), which has over 5 million active installations, is […]
We’re happy to announce a new strategic partnership with Cloudways. This week, Cloudways launched their vulnerability scanner powered by Patchstack’s database, giving their customers visibility into potential security issues with their WordPress core, plugin, and theme versions. In short, this means that more people will know whether they have hidden security risks on their websites. […]
On the 12th of October 2023, WordPress.org released a security update and recommended users update their sites as soon as possible. This WordPress core 6.3.2 security release addresses 7 different security vulnerabilities and 1 potential security issue that affects multiple WordPress core versions. For many, WordPress automatically updates the core to the latest version. Check […]