Blog Posts

The WordPress “Zombie” Plugins Pandemic Affects 1.6M+ Websites

Published on August 25, 2023

For the last two years, the results of the Patchstack open-source bounty program have been growing fast. In January alone, we received 418 valid vulnerability reports. We crossed the mark of 1K valid vulnerability reports this year at the beginning of April and then added over 1000 vulnerabilities in July alone, so you can imagine […]

Critical Vulnerabilities Patched in Jupiter X Core Plugin

Published on August 24, 2023

This blog post is about the Jupiter X Core plugin vulnerability. If you’re a Jupiter X user, please update the plugin to at least version 3.4.3. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Jupiter X Core Plugin: The plugin Jupiter X […]

Multiple High and Critical Vulnerabilities in Avada Theme and Plugin

Published on August 10, 2023

This blog post is about the Avada theme and plugin vulnerability. If you’re an Avada user, please update the Avada builder plugin to at least version 3.11.2 and the Avada theme to at least version 7.11.2. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About […]

Authenticated RCE in JetElements For Elementor Plugin

Published on August 3, 2023

This blog post is about the JetElements For Elementor plugin vulnerability. If you’re a JetElements For Elementor user, please update the plugin to at least version 2.6.11. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the JetElements For Elementor Plugin: The plugin JetElements […]

Multiple High Severity Vulnerabilities in Ninja Forms Plugin

Published on July 27, 2023

This blog post is about vulnerabilities in the Ninja Forms plugin. If you’re a Ninja Forms user, please update the plugin to at least version 3.6.26. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Ninja Forms plugin: The plugin Ninja Forms versions […]

Critical Privilege Escalation in HT Mega Plugin Affecting 100k+ Sites

Published on July 14, 2023

This blog post is about the HT Mega plugin critical vulnerability. If you’re an HT Mega user, please update the plugin to at least version 2.2.1. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the HT Mega plugin: The plugin HT Mega (versions […]

Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin

Published on June 13, 2023

This blog post is about the WooCommerce Stripe Gateway plugin vulnerability. If you’re a WooCommerce Stripe Gateway user, please update the plugin to at least version 7.4.1. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the WooCommerce Stripe Gateway WordPress plugin: The plugin […]

How to Secure WordPress Login URL

Published on May 31, 2023

WordPress is the world’s most popular content management system, powering millions of websites globally. Its popularity, however, also makes it a prime target for malicious activities, such as brute force attacks, hacking attempts, and unauthorized access. One effective way to enhance the security of your WordPress site is by blocking access to the default login […]

Unauthenticated PHP Object Injection in Gravity Forms Plugin <= 2.7.3

Published on May 30, 2023

This blog post is about the security vulnerability in Gravity Forms. If you’re a Gravity Forms user, please update the plugin to at least version 2.7.4. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Gravity Forms WordPress plugin: The plugin Gravity Forms […]
