WordPress, powering over 40% of websites, is a prime target for cyberattacks. Virtual patches (vPatches) provide immediate protection against vulnerabilities in plugins and themes, ensuring site security while awaiting official fixes.
“If you’re running a business, there’s no such thing as page 2 of Google.” Harsh words? No, not really. Since only 0.63% of users actually click through to page 2 of Google, you’re either on page 1… …or you’re nowhere. However, if you’re running a WordPress website, you do have an advantage. You’re using the […]
This blog post is about ListingPro theme vulnerabilities. If you’re a ListingPro user, please update the theme and plugin to version 2.9.5 or higher. Patchstack users are protected from this vulnerability. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the ListingPro Theme and Plugin The theme ListingPro (premium version), which has over […]
Our mission to provide the fastest mitigation to security vulnerabilities is core to our long-term vision of becoming a global cyber-security leader with the biggest impact on open-source security. Today, we are excited to finally reveal the next chapter of our journey. We truly believe that the only way to reach a dream so ambitious […]
There are thousands of “WordPress security plugins” listed on the official WordPress plugin repository, which claim to offer some security-related functionality and serve some purpose related to securing WordPress. This is not surprising. In our state of WordPress security report, we highlighted that nearly 42% of WordPress sites have at least one vulnerable software component. […]
Today we present an interview with John Blackbourn. John is a web developer of 20 years, a leader of projects and teams, and a public speaker. He recently moved into the role of Director of WordPress Security at Human Made.
This blog post is about the LiteSpeed plugin vulnerability. If you’re a LiteSpeed user, please update the plugin to at least version 6.5.0.1. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. Patchstack is the official security partner for LiteSpeed Cache. Patchstack is […]
Performing a WordPress malware removal in a way that you can be sure that it’s clean is not an easy task. That’s why a WordPress malware removal can cost over 150 dollars – and that’s not considering lost revenue, wasted ad spend or long-term negative SEO consequences. Furthermore, depending on the service provider you can’t […]
The vulnerability in the LiteSpeed Cache plugin was originally reported by Patchstack Alliance community member John Blackbourn to the Patchstack Zero Day bug bounty program for WordPress. We are collaborating with the researcher to release the content of this security advisory article. This vulnerability has been rewarded the highest bounty in the history of WordPress […]
With frequent breaches, credit card fraud, and assorted ways attackers can compromise sensitive payment information (and the companies like eCommerce websites processing them), it’s no wonder the PCI-DSS got a new edition: PCI-DSS 4.0. However, with the update comes a plethora of new information. If you’ve been racking your brain trying to figure out what […]