This blog post is about the UserPro plugin vulnerabilities. If you’re a UserPro user, please update the plugin to at least version 5.1.9. Patchstack users are protected from this vulnerability. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the UserPro Plugin The plugin UserPro (premium version), which has over 20,000 sales, is […]
This is a blog post about research of an additional vulnerability scenario of the root cause that led to the publicly known WordPress Core Blind SSRF. More affected components were found that may affect hundreds of plugins in the wild. WordPress core itself is not affected by this, but the plugins that are using the […]
This blog post is about the XStore theme and plugin vulnerabilities. If you’re an XStore user, please update the theme to at least version 9.3.9 and the plugin to at least version 5.3.9. Patchstack users are protected from this vulnerability. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the XStore Theme and […]
This blog post is about the Uncode Core plugin vulnerabilities. If you’re a Uncode user, please update the core plugin to at least version 2.8.9. Patchstack users are protected from this vulnerability. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the Uncode Core Plugin The plugin Uncode Core (premium version) is a […]
This blog post is about the REHub theme and plugin vulnerabilities. If you’re a REHub user, please update the plugin to at least version 19.6.2 on both the theme and the plugin. Patchstack users are protected from this vulnerability. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the REHub Theme and Plugin […]
The vulnerability in the GOTMLS plugin was originally reported by stealthcopter to the Patchstack bug bounty program for WordPress. We are collaborating with the researcher to release the content of this security advisory article. This blog post is about the GOTMLS plugin vulnerability. If you’re a GOTMLS user, please update the plugin to at least […]
This blog post is about the LiteSpeed plugin vulnerability. If you’re a LiteSpeed user, please update the plugin to at least version 5.7.0.1. Patchstack users are protected from this vulnerability. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the LiteSpeed Cache Plugin The plugin LiteSpeed Cache (free version), which has over 4 […]
The vulnerability in the Bricks Builder Theme was originally reported by snicco to the Patchstack bug bounty program for WordPress. We are collaborating with the researcher to release the content of this security advisory article. This blog post is about the Bricks Builder Theme vulnerability. If you’re a Bricks Builder Theme user, please update the […]
This blog post is about an AI Engine plugin vulnerability. If you’re an AI Engine user, please update the plugin to at least version 1.9.99. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the AI Engine Plugin The plugin AI Engine (free version), which has over 50,000 active installations, is […]
This blog post is about the Porto Theme’s plugin vulnerability. If you’re a Porto Theme user, please update the plugin to at least version 2.12.1. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Porto Theme’s Plugin The plugin Porto Theme – Functionality (premium version) is a required plugin for […]