Published on April 25, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 17 of 2022. This week I have a handful of vulnerabilities to share with you, including 3 unauthenticated SQL injection security bugs that were patched and 3 security bugs that could lead to files being uploaded to websites running these affected plugins. […]
Published on April 18, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 16 of 2022 and is about the power of transparency in open source, and how anyone can utilize this transparency to learn secure code review. This week I will talk about the power of transparency in open source as it pertains to […]
Published on April 13, 2022
A critical vulnerability was fixed in the WordPress plugin Elementor. Do you want to be the first to be alerted about such vulnerabilities? Sign up for Patchstack. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. Note: we are still gathering more information on this vulnerability, such as the requirements to exploit this vulnerability […]
Published on April 4, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 14 of 2022 and I will talk about the first 5 steps to a secure WordPress. This week has a lot of vulnerability news to cover, and I will be sharing it as a 3-2-1 punch of 3 plugins that received no […]
Published on March 28, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 13 of 2022. This week, I will talk about two high-risk vulnerabilities in two WordPress plugins with one big difference: One was patched, one was not. In this week’s knowledge share I will share some new WP-CLI Security commands that were just […]
Published on March 15, 2022
Patchstack Red Team is now Patchstack Alliance. Exactly 1 year ago, Patchstack kicked off a bug hunting community that gathered together ethical hackers who contribute to making the WordPress ecosystem more secure. After an exciting year of working together with researchers all around the world, we learned that this initiative could have an even bigger […]
Published on March 14, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 11 of 2022. This week is all about plugin vulnerabilities and the State of WordPress Security 2021 whitepaper. There is some big news this week, but really I should say last week. Patchstack released our State of WordPress Security Whitepaper for 2021 […]
Published on March 7, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 10 of 2022, the beginning of March. This week I will cover a few high-risk vulnerabilities found in WordPress components, give an update on the insecure old Freemius library situation and discuss last month’s additions to the Patchstack database. […]
Published on February 28, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 9 of 2022 and focuses on insecure libraries. This week has been a heavy news week for the world, and open-source, specifically WordPress, security concerns were no exception. There are 5 plugins that have released patches for serious vulnerabilities this week, as […]
Published on February 17, 2022
We’re beyond excited to announce that Plesk has selected Patchstack as its security partner to allow WP Toolkit users to detect security vulnerabilities in their WordPress websites. Patchstack will be integrated with WP Toolkit to provide both vulnerability detection and protection. Plesk is the leading WebOps hosting platform to run, automate and grow applications, websites, […]