Welcome to the Patchstack Weekly Security Update, Episode 45! This update is for week 43 of 2022. Last week’s news included a new WordPress security release. WordPress 6.0.3 was made publicly available on Monday October 17th. You can read a summary of the WordPress 6.0.3 release on the Patchstack blog, or stay tuned for this […]
With another busy month behind us, let’s see what the Patchstack Alliance members dug up in September! Our researchers found 53 confirmed vulnerabilities. 9 of the vulnerabilities were found in plugins with 100,000+ installs across WordPress, including one with 2 million installs. Thought to be fair, that vulnerability in question was not particularly severe. A […]
Summary A new WordPress security release was announced today. On October 17th, 2022 WordPress Core released version 6.0.3 a security only release. This release includes a substantial number of security bug patches, so I will be reviewing them and sharing the details with you in this post. All security releases are important. You may want […]
Welcome to the Patchstack Weekly Security Update, Episode 44! This update is for week 42 of 2022. This week I will talk with you about an unsettling security risk caused when a malicious actor preys upon a site owner when they are experiencing an emergency. I will share what precautions you can take today in […]
Welcome to the Patchstack Weekly Security Update, Episode 43! This update is for week 41 of 2022. This week I am continuing to share knowledge about OWASP ZAP. I will share with you details of two features available in the OWASP ZAP HUD and how to use them. Hopefully, by the end of this episode, […]
We’ve always said the best way to handle website security is by preventing attacks in the first place. We’re happy to announce that One.com is the latest hosting provider joining the spearhead to tackle open-source security problems at the root. One.com has introduced Patchstack’s WordPress vulnerability alerts to customers on their Managed WordPress subscription, and […]
Welcome to the Patchstack Weekly Security Update, Episode 42! This update is for week 40 of 2022. In this week’s knowledge share I will continue to share with you some tips and tricks with OWASP ZAP. I will go over ZAP’s HUD – or heads-up display – so you can get an idea of what […]
Welcome to the Patchstack Weekly Security Update, Episode 41! This update is for week 39 of 2022. This week I will be introducing you to OWASP ZAP – an open-source web application security tool written by developers, for developers. It’s a great tool for those who want to get their hands dirty testing their web […]
Welcome back to the Patchstack Weekly Security Update! This update is for week 38 of 2022. Week 37 had no weekly because I was attending and speaking at WordCamp US 2022 hosted in San Diego, California, USA. This week I will share highlights from WordCamp US, as well as point out one vulnerability of concern […]
It’s September, which means it’s time to look back at what our security researchers got up to in the last month of summer – and what a hot time it was! A very busy august The Patchstack Alliance reported 105 new validated vulnerabilities last month. This doesn’t mean that WordPress plugin developers have gotten lazy […]